CyberX discovers large-scale cyber reconnaissance operation in Ukraine
CyberX has discovered a new, large-scale cyber-reconnaissance operation targeting a broad range of targets in the Ukraine. Because it eavesdrops on sensitive conversations by remotely controlling PC microphones – in order to surreptitiously “bug” its targets – and uses Dropbox to store exfiltrated data, CyberX has named it “Operation BugDrop.”
CyberX has confirmed at least 70 victims successfully targeted by the operation in a range of sectors including critical infrastructure, media, and scientific research.
Most of the targets are located in the Ukraine, but there are also targets in Russia and a smaller number of targets in Saudi Arabia and Austria. Many targets are located in the self-declared separatist states of Donetsk and Luhansk.
CyberX identified the following targets of Operation BugDrop: a company that designs remote monitoring systems for oil & gas pipeline infrastructures; an international organization that monitors human rights, counter-terrorism and cyberattacks on critical infrastructure in the Ukraine; an engineering company that designs electrical substations, gas distribution pipelines, and water supply plants; a scientific research institute; and editors of Ukrainian newspapers.
"Operation BugDrop is a well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources. In particular, the operation requires a massive back-end infrastructure to store, decrypt and analyze several GB per day of unstructured data that is being captured from its targets," the company said.