Hackers attacked Russian and Ukrainian research Institute through infected Word


At least 70 organizations in Ukraine, Russia, Austria and Saudi Arabia suffered large-scale hacker attack, reports Fox News, citing data from the international company CyberX, specializing in cyber security.

According to CyberX, a malware got on the users ‘ computers via infected Microsoft Office documents. Users received phishing emails asking you to open the infected with malicious macros the Microsoft Word file, attached to the letter. If the user has disabled macro support, the user is shown a dialog box asking to enable macros to correctly display the document content.

“Attention! File created in a newer version of Microsoft Office. You must enable macros to correctly display the contents of the document,” reads the inscription in the dialog box.

Then the attackers got remote access to your computer microphone, laptops, smartphones and tablets and could record the conversations in their range. The recorded conversations are then uploaded to the file hosting service Dropbox. Thus was stolen “hundreds of gigabytes of data,” notes Fox News. CyberX called this large-scale attack “operation BugDrop”.

CyberX indicates that technology theft and transfer of information, which were used by the hackers were “sophisticated” and “advanced”, and notes that the result of the operation were stolen not only records conversations but also other personal information — screenshots, documents and passwords.

CyberX experts believe that to conduct such an operation could only very powerful organization with good infrastructure that are required in order to decrypt and store this data.

The majority of organizations exposed to attack, were located in Ukraine. Among the targets of hackers and engineering companies and research institutes, human rights organizations and the media. In addition, said CyberX, a number of goals of hackers is the self-proclaimed Donetsk and Lugansk national republics.

The attack also organizations in Russia, Austria and Saudi Arabia.

Unlike built-in camera of the unauthorized access to which is easy to block a simple gluing adhesive tape on the “eye” of the camera, the built-in microphones of the devices to turn off much more difficult, experts say CyberX. They are almost impossible to block without disconnecting the equipment.

Source