Operation BugDrop

🔴 High
Also known as: Operation BugDrop


🌍 Country: Russia
📅 Activity: 2017 - 2017
⚡ Risk Level: High
🎯 Incident Type: Espionage

Introduction

This threat actor targets critical infrastructure entities in the oil and gas sector, primarily in Ukraine. The actor deploys the BugDrop malware to remotely access the microphones on its targets' computers and eavesdrop on conversations.

Activities and Tactics

Targeted Sectors: Private sector

Country of Origin: 🇷🇺 Russia

Risk Level: High

First Seen: 2017

Last Activity: 2017

Incident Type: Espionage

Suspected Victims: Ukraine, Austria, Russia, Saudi Arabia

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No atomic indicators are listed in this profile. The APTnotes snapshot indexes 1 public report that may contain IOCs; see Source Attribution for dataset links.

Malware and Tools

  • RemoteCMD
  • Remote Utilities
  • RemotePC

Attribution and Evidence

Country of Origin: Russia

Additional attribution information pending cataloguing.

References

References pending cataloguing.