Operation BugDrop

Operation BugDrop refers to a new form of malware that surreptitiously infects desktop and laptop computers and uses the PC’s microphone to secretly record audio. The BugDrop malware then exports the audio data from infected computers to Dropbox files for retrieval and analysis by cybercriminals.

The security firm CyberX discovered the large-scale “cyber-reconnaissance” Operation BugDrop in February 2016, and found the malware was targeting more than 70 targets in the Ukraine. The malware gets its name from the way it “bugs” offices and enterprise environments by remotely controlling computer microphones and then “drops” the recorded data into Dropbox.

In addition to recording audio, Operation BugDrop also attempts to capture sensitive information and details by taking secret screenshots, obtaining documents and gathering passwords and login credentials. The malware has targeted a variety of industries, including scientific research, media operations and critical infrastructure.

How Operation BugDrop Infiltrates Computers and Enterprises

Operation BugDrop infiltrates organizations and computers using phishing attacks in which messages masquerading as legitimate Microsoft Office emails encourage users to enable macros, which then facilitates the BugDrop installation.

The malware then uses complex techniques to avoid detection, including encrypting the DLL files and installing them using DLL injection, disguising the main downloader, and sending audio recording files in a manner that appears to be legitimate file transfers.

Once the Operation BugDrop malware infects an organization, “it effectively turns every computer into a bug that in some ways is far more effective than if intelligence operatives had actually planted bugs in the same offices,” according to eWeek.

Operation BugDrop Security Implications and What to Watch For

Operation BugDrop has gained considerable attention recently because it’s a new form of malware with a unique form of stealing sensitive information and also because while so far it’s been limited to Ukrainian targets, it could be turned loose anywhere, including in the U.S.

CyberX claims the best method for determining whether a network has been compromised by Operation BugDrop is to monitor outgoing traffic from the network for signs of exfiltration in particular, large amounts of data being sent to Dropbox daily.

Forrest Stroud
Forrest Stroud
Forrest is an experienced, entrepreneurial and well-rounded professional with 15+ years covering technology, business software, website design, programming and more.

Top Articles

Huge List Of Texting and Online Chat Abbreviations

From A3 to ZZZ we list 1,559 text message and online chat abbreviations to help you translate and understand today's texting lingo. Includes Top...

How To Create A Desktop Shortcut To A Website

This Webopedia guide will show you how to create a desktop shortcut to a website using Firefox, Chrome or Internet Explorer (IE). Creating a desktop...

The History Of Windows Operating Systems

Microsoft Windows is a family of operating systems. We look at the history of Microsoft's Windows operating systems (Windows OS) from 1985 to present...

Hotmail [Outlook] Email Accounts

  By Vangie Beal Hotmail is one of the first public webmail services that can be accessed from any web browser. Prior to Hotmail and its...

Relational Database Definition &...

A relational database stores and connects data in tables and columns, emphasizing the...

Common Business-Oriented Language (COBOL)...

What is COBOL? COBOL stands for Common Business-Oriented Language. It is a 60-year-old programming...

Shared Hosting Definition &...

Shared hosting is a web hosting model in which multiple sites occupy the...