Skip to main content
  1. Home
  2. Computing
  3. News

PC microphones helped steal hundreds of gigabytes of data from Ukraine firms

Mark Coppock
By

operation bugdrop used pc microphones to steal data in ukraine hackers
Image used with permission by copyright holder
Allegations of state-sponsored cyberattacks have been in the news lately, including alleged Russian hacks during the recent U.S. elections. These allegations are sometimes based on the code used to break into systems, and sometimes due to the sheer scale and sophistication of attacks that could only be brought by government agencies.

One such large-scale cyberattack, dubbed “Operation BugDrop,” seems to have been perpetrated against targets in Ukraine, as reported on its blog by security firm CyberX. The attack went after at least 70 victim organizations and stole huge amounts of sensitive information using a number of methods including one attack vector — the PC microphone — that is very difficult to guard against.

Recommended Videos

According to CyberX, Operation BugDrop, so named because the microphones of target PCs were “bugged,” used compromised Microsoft Word documents to install malware capable of eavesdropping and capturing hundreds of gigabytes of data. The firm described Operation BugDrop a “well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources.”

CyberX
CyberX

Chief among those resources appear to be a very large and sophisticated infrastructure enabling the attackers to decrypt and analyze massive amounts of data — up to several gigabytes each day — and then store it in a massive cache of data. As CyberX points out, it’s not just a machine-driven attack because the stolen data requires many human analysts to comb through and make sense of it. While state involvement isn’t guaranteed, it is likely.

CyberX
CyberX

Most of the targets were organizations located in Ukraine, including companies involved in engineering and designing oil and gas distribution facilities, human rights organizations, newspaper editors, and more. A smaller number of organizations in Russia, Austria, and Saudi Arabia were also targeted. Stolen data appears to include audio recordings, screenshots, documents, and passwords.

Operation BugDrop serves to highlight the growing importance of well-organized and heavily financed cybercrime operations aimed at private and governmental organizations and capable of accumulating and analyzing massive amounts of proprietary information. CyberX concludes, not surprisingly, that organizations need to be diligent in monitoring their networks and applying more modern technologies to identify and respond to these increasingly sophisticated attacks.

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
It’s time to stop believing these PC building myths
Hyte's Thicc Q60 all-in-one liquid cooler.

As far as hobbies go, PC hardware is neither the cheapest nor the easiest one to get into. That's precisely why you may often run into various misconceptions and myths.

These myths have been circulating for so long now that many accept them as a universal truth, even though they're anything but. Below, I'll walk you through some PC beliefs that have been debunked over and over, and, yet, are still prevalent.
Liquid cooling is high-maintenance (and scary)

Read more
AMD’s next-gen CPUs are much closer than we thought
AMD Ryzen 7 7800X3D held between fingertips.

We already knew that AMD would launch its Zen 5 CPUs this year, but recent motherboard updates hint that a release is imminent. Both MSI and Asus have released updates for their 600-series motherboards that explicitly add support for "next-generation AMD Ryzen processors," setting the stage for AMD's next-gen CPUs.

This saga started a few days ago when hardware leaker 9550pro spotted an MSI BIOS update, which they shared on X (formerly Twitter). Since then, Asus has followed suit with BIOS updates of its own featuring a new AMD Generic Encapsulated Software Architecture (AGESA) -- the firmware responsible for starting the CPU -- that brings support for next-gen CPUs (spotted by VideoCardz).

Read more
AMD Zen 5: Everything we know about AMD’s next-gen CPUs
The AMD Ryzen 5 8600G APU installed in a motherboard.

AMD Zen 5 is the next-generation Ryzen CPU architecture for Team Red and is slated for a launch sometime in 2024. We've been hearing tantalizing rumors for a while now and promises of big leaps in performance. In short, Zen 5 could be very exciting indeed.

We don't have all the details, but what we're hearing is very promising. Here's what we know about Zen 5 so far.
Zen 5 release date and availability
AMD confirmed in January 2024 that it was on track to launch Zen 5 sometime in the "second half of the year." Considering the launch of Zen 4 was in September 2022, we would expect to see Zen 5 desktop processors debut around the same timeframe, possibly with an announcement in the summer at Computex.

Read more