Russia on cyber-offensive in Ukraine: new malware revealed
Internet security firm CyberX said it has spotted a new weapon in the ongoing cyberwar between Russia and Ukraine — a program called BugDrop that is being used to steal vast amounts of sensitive data from Ukrainian businesses and institutions, according to the Boston Globe.
"It looks very professional... and most important, very successful," said CyberX co-founder Nir Giller, a former engineer for the Israel Defense Forces cyber security unit, the Boston Globe reports.
Ukraine is already believed to be the target of a massive cyber warfare campaign run by Russia.
In 2015, an electrical outage cut power to 230,000 Ukrainian homes in what U.S. authorities concluded was the world’s first successful hack of a nation’s electrical grid. A similar attack in late December 2016 cut power to a large part of the Ukrainian capital, Kyiv.
In BugDrop, attackers are using booby-trapped Microsoft Word documents to get inside computer systems and copy vital data, according to CyberX. The infected machines record all keystrokes, take screenshots of the monitor, and even activate the computer’s microphone to record voices. All the data is encrypted and sent to a Dropbox account.
Ukraine charges Russia with new cyber attacks on infrastructureGiller estimated that BugDrop has collected up to 3 gigabytes of data per day since it was launched, probably last year.
More than 70 organizations have been hit by BugDrop, including two Ukrainian newspapers, a company that makes oil and gas pipeline equipment, a company that designs water systems and electrical substations, and an international human rights organization.