Skip to main content
  1. Home
  2. Computing
  3. News

PC microphones helped steal hundreds of gigabytes of data from Ukraine firms

By

operation bugdrop used pc microphones to steal data in ukraine hackers
Image used with permission by copyright holder
Allegations of state-sponsored cyberattacks have been in the news lately, including alleged Russian hacks during the recent U.S. elections. These allegations are sometimes based on the code used to break into systems, and sometimes due to the sheer scale and sophistication of attacks that could only be brought by government agencies.

One such large-scale cyberattack, dubbed “Operation BugDrop,” seems to have been perpetrated against targets in Ukraine, as reported on its blog by security firm CyberX. The attack went after at least 70 victim organizations and stole huge amounts of sensitive information using a number of methods including one attack vector — the PC microphone — that is very difficult to guard against.

Recommended Videos

According to CyberX, Operation BugDrop, so named because the microphones of target PCs were “bugged,” used compromised Microsoft Word documents to install malware capable of eavesdropping and capturing hundreds of gigabytes of data. The firm described Operation BugDrop a “well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources.”

CyberX
CyberX
Please enable Javascript to view this content

Chief among those resources appear to be a very large and sophisticated infrastructure enabling the attackers to decrypt and analyze massive amounts of data — up to several gigabytes each day — and then store it in a massive cache of data. As CyberX points out, it’s not just a machine-driven attack because the stolen data requires many human analysts to comb through and make sense of it. While state involvement isn’t guaranteed, it is likely.

CyberX
CyberX

Most of the targets were organizations located in Ukraine, including companies involved in engineering and designing oil and gas distribution facilities, human rights organizations, newspaper editors, and more. A smaller number of organizations in Russia, Austria, and Saudi Arabia were also targeted. Stolen data appears to include audio recordings, screenshots, documents, and passwords.

Operation BugDrop serves to highlight the growing importance of well-organized and heavily financed cybercrime operations aimed at private and governmental organizations and capable of accumulating and analyzing massive amounts of proprietary information. CyberX concludes, not surprisingly, that organizations need to be diligent in monitoring their networks and applying more modern technologies to identify and respond to these increasingly sophisticated attacks.

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
Nvidia celebrates Trump, slams Biden for putting AI in jeopardy
The Nvidia RTX 5090 GPU.

In response to new export restrictions placed on AI GPUs, Nvidia posted a scathing blog criticizing the outgoing Biden-Harris administration. The administration's Interim Final Rule on Artificial Intelligence Diffusion largely targets China with restrictions on AI GPUs, according to Newsweek.

Nvidia disagrees. "While cloaked in the guise of an 'anti-China' measure, these rules would do nothing to enhance U.S. security. The new rules would control technology worldwide, including technology that is already widely available in mainstream gaming PCs and consumer hardware. Rather than mitigate any threat, the new Biden rules would only weaken America’s global competitiveness, undermining the innovation that has kept the U.S. ahead," wrote Nvidia's vice president of government of affairs Ned Finkle.

Read more
This new DirectX feature could completely change how PC games work
A scene from Fortnite running in Unreal Engine 5.

Microsoft has announced that neural rendering capabilities are coming to DirectX soon. Cooperative vector support, as it's called, will lead to "cross-platform enablement of neural rendering techniques," according to Microsoft, and it will usher in "a new paradigm in 3D graphics programming."

It sounds buzzy, but that's not without reason. This past week, Nvidia announced its new range of RTX 50-series graphics cards, and along with them, it revealed a slate of neural rendering features. Neural shaders, as Nvidia calls them, allow developers to execute small neural networks from shader code, running them on the dedicated AI hardware available on Nvidia, AMD, Intel, and Qualcomm GPUs. Microsoft is saying that it will enable these features on all GPUs, not just those sold by Nvidia, through the DirectX API.

Read more
This gaming PC with an RTX 4060 is on sale for $1,000 today
The iBuyPower Trace 7 on a white background.

Best Buy often has some great gaming PC deals, with one highlight available today: Right now, you can buy the iBuyPower Trace 7 gaming PC for $1,000 instead of $1,300. The PC includes the RTX 4060 GPU, so it’s ideal for mid-range gaming. It even comes with a keyboard and mouse, so you only need to make sure you have a screen to add to it. If you’re looking to upgrade your gaming PC for less, here’s what it has to offer.

Why you should buy the iBuyPower Trace 7
You won’t see anything from iBuyPower in our look at the best gaming PCs, but don’t let that discourage you. This is still a good option for those on a budget. This particular model has great hardware for the price. It has an AMD Ryzen 7 5700 CPU teamed up with 16GB of RAM and 1TB of SSD storage. More pivotal for a gaming PC is its graphics card: a GeForce RTX 4060 with 8GB of VRAM.

Read more