Security experts have observed that an unknown hacking group has been spying on Ukrainian businesses and infecting their computers with a sophisticated malware, which allows eavesdropping and illegal data download.
The bug was first discovered by intelligence corporation CyberX, which stated that the malware is becoming a bigger threat with the passage of time.
What Does The Malware Do?
CyberX researchers have named the malware Operation BugDrop. The malware has been designed to infiltrate the victim's computer, stay there and turn on the computer's inbuilt or attached microphone. Every day BugDrop goes on to record all information heard through the microphone and sends the data as sound files to a Dropbox.
The most surprising part about this whole espionage system is that it is more effective that planting bugs at an organization. As soon as the malware gets downloaded in the computer, the virus compromises the PC.
Damage Done By BugDrop
The successful surveillance campaign has till now infiltrated and downloaded data of about 70 victims, according to CyberX. The intelligence firm thinks that the hackers behind the creation of BugDrop are highly skilled, well resourced and likely has the support of a nation or a state.
"There's been a lot of cyber activity in the Ukraine - but what makes this one stand out is its scale and the amount of human and logistical resources required to analyze such massive amounts of stolen data," said Nir Giller, co-founder and CTO of CyberX.
How Does BugDrop Work?
The malware is installed in the victim's computer through a phishing attack or through Microsoft Office file attachments that have malicious macros embedded in it. As the infected Microsoft office files are opened, the hidden VB scripts starts operating in the background hiding under a temporary folder.
BugDrop avoids detection by making the audio data look like legitimate outgoing traffic. The malware also encrypts the DLLs that are installed to avoid detection by antivirus software. Also, the malware cleverly avoids detection by using public cloud service Dropbox.
Although the malware is mainly designed to record audio files, It also can steal the documents, password and important data from the computer's browsers.
Target Of BugDrop
The dangerous malware has targeted various sectors of business including critical infrastructures, research centers in Ukraine and media. According to CyberX, BugDrop's main target has been Ukraine but its footprints have been traced to other parts of Russia, Saudi Arabia and Austria.
Photo: Christoph Scholz | Flickr