Last week, the security firm CyberX discovered a cyber espionage attack that claimed dozens of victims. CyberX named the intrusion “Operation BugDrop” because it secretly bugs its targets. Targets of the operation include scientific research companies, infrastructure and the media.
Operation BugDrop is said to be a sophisticated, well-organized operation with a massive backend that captures gigabytes of data per day, and it is said to have funneled more than 600 GB of data in total. There have been at least 70 victims of the operation, including a company that designs monitoring systems for oil and gas infrastructures, an international counter-terrorism organization, a scientific research institute and editors of multiple Ukrainian newspapers. The majority of the targets are located in Ukraine, but many in Russia, Saudi Arabia and Austria were victims of the attack as well.
Per the CyberX report, “the operation seeks to capture a range of sensitive information from its targets including audio recordings of conversations, screen shots, documents and passwords.” Victims are infected through email phishing attacks and macros embedded in Microsoft Office files, and data is exfiltrated through Dropbox.