Malware Campaign ‘Operation BugDrop’ Steals Data and Audio
Researchers recently unearthed a sophisticated malware campaign which stole over 600 GB of data from some seventy targets in various sectors, particularly scientific research, news media and critical infrastructure.
The campaign, named "Operation BugDrop," is chiefly attacking victims in Russia, Ukraine, Saudi Arabia and Austria. The attackers have not yet been identified; however, based on the details of the operation uncovered so far, they could be state-sponsored, with plentiful resources.
CyberX, the security company, recently blogged that the operation employed malicious software to capture conversations as audio recordings, steal passwords and documents, and take screenshots. Targets are first infected through malware-laden Microsoft Word files attached to spoofed or phishing e-mails. Once infected, the hijacked computers upload the stolen data and audio to Dropbox, from where the attackers retrieve it. The campaign is named 'Operation BugDrop' because it uses computer microphones to bug its targets and sends the data and audio recordings to Dropbox. Arstechnica.com posted this, February 21, 2017.
The Microsoft Word files contain harmful embedded macros. These are inactive at first and run only if the end user explicitly enables them. Once the malware is deployed, the infected PC transmits all the data to Dropbox, where the hackers collect it. This is a well-designed ruse, because organizations usually do not monitor the data flowing to Dropbox.
Detection rates for the Operation BugDrop malware are quite low. The malware encrypts every DLL it installs to avoid detection. It also uses Dropbox, the freely available cloud service, for its activities, and such traffic usually goes unmonitored in companies.
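Because the campaign relies on Dropbox uploads going unwatched, one practical check is to total each workstation's daily upload volume to Dropbox in outbound proxy logs. The following is an added example, not code from CyberX or the original article; the log format, host names and 50 MiB threshold are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict

# Dropbox web and API domains; subdomains are matched by suffix.
DROPBOX_SUFFIXES = ("dropbox.com", "dropboxapi.com")

# Constructed sample log (not real data). Assumed format:
# timestamp  client-host  method  destination-host  bytes-sent  bytes-received
SAMPLE_LOG = """\
2017-02-20T09:14:02 ws-017 POST content.dropboxapi.com 48211934 512
2017-02-20T09:14:40 ws-017 POST content.dropboxapi.com 51200311 498
2017-02-20T10:02:11 ws-042 GET www.dropbox.com 820 1048576
2017-02-20T10:05:37 ws-042 POST api.dropboxapi.com 2048 900
2017-02-20T11:30:00 ws-017 POST notdropbox.com 99999999 100
2017-02-21T08:00:00 ws-017 POST content.dropboxapi.com 1024 300
this line is malformed and must be skipped
"""

def is_dropbox(host):
    """True for a Dropbox domain or subdomain, not for lookalikes."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in DROPBOX_SUFFIXES)

def daily_uploads(lines):
    """Sum bytes sent to Dropbox per (client, day); skip unparsable lines."""
    totals = defaultdict(int)
    for line in lines:
        parts = line.split()
        if len(parts) != 6 or not parts[4].isdigit():
            continue
        ts, client, _method, dest, sent, _recv = parts
        if is_dropbox(dest):
            totals[(client, ts[:10])] += int(sent)
    return dict(totals)

def flag_hosts(lines, threshold_bytes=50 * 1024 * 1024):
    """Return (client, day, bytes) entries above the daily upload threshold."""
    hits = [(c, d, b) for (c, d), b in daily_uploads(lines).items()
            if b > threshold_bytes]
    return sorted(hits, key=lambda h: -h[2])

if __name__ == "__main__":
    for client, day, sent in flag_hosts(SAMPLE_LOG.splitlines()):
        print(f"{day} {client} uploaded {sent / 2**20:.1f} MiB to Dropbox")
```

A fixed threshold is only a starting point; a per-host baseline of normal Dropbox use gives fewer false positives where the service is used legitimately.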
So far, only a few anti-malware solutions have caught BugDrop. Yet security software wouldn't be required should
According to security researchers, there's little evidence of any destruction taking place from Operation BugDrop.
» SPAMfighter News - 23-02-2017