This Malware Campaign Obtains Data by Compromising PC Microphones

A security firm named CyberX has discovered that Ukraine is being targeted by an extensive cyber-reconnaissance operation. The campaign's range of targets is quite broad, and its basic purpose is to spy on the confidential communications of key Ukrainian officials by remotely controlling their PC microphones. Apart from Ukraine, CyberX has also identified targets in Russia and, to some extent, in Saudi Arabia and Austria. Some of the targets were discovered in the separatist states of Luhansk and Donetsk.

CyberX has named this campaign Operation BugDrop, and Dropbox is used to store the data that is acquired. Based on their research, 70 victims have been targeted successfully by these cyber-criminals. These victims come from a variety of fields, including scientific research, critical infrastructure and media.

The focus of this operation is to capture sensitive information such as audio recordings, login credentials, screenshots, etc. Users can manually stop being recorded, or at least avoid it, by placing tape on it, but when it comes to microphones, there is no way of disabling them by manipulating the hardware of the computer.

According to CyberX, in Ukraine the BugDrop malware has so far targeted companies that design remote monitoring systems primarily for oil and gas pipeline infrastructures, organisations that monitor human rights, cyber-attacks on main infrastructures and counter-terrorism institutions, and an engineering company that develops electrical substations, water supply plants and gas distribution pipelines.

It is a well-organized operation in which very sophisticated malware is utilised, and apparently a resourceful organisation is sponsoring it. The operation is run via a large back-end infrastructure that stores, decrypts and analyses several GB of unstructured data obtained from the victims on a daily basis. Moreover, a massive team of human analysts is required to sort and process the captured data manually or using Big Data analytic tools.

source: hackread
