Bulgaria’s National Security Agency Had No Budget to Buy Spyware from Hacking Team. For Now…

The Agency hit a snag with the PGP keys and could not read the secret offer of the Italians

Infecting computers and smartphones and collecting different information from them such as Skype traffic, various chat applications (Facebook, WhatsApp, Line, Viber, etc.); recording keyboards; localization of the target, files, screenshots; tapping microphones and cameras, and the many other possibilities of Galileo – the last product of Hacking Team – have impressed the boss of the State Agency “Technical Operations” (DATO), Tsvetan Kitov. In 2013, he visited the stand of the Italian company at a specialized exhibition and left his contact details. At that time Kitov was still Deputy Chairman of Bulgaria’s State Agency for National Security (DANS/SANS). What followed was a proposal for a meeting and presentation of the software, as revealed by the hacked correspondence of Hacking Team, already available in the search engine of WikiLeaks.

Kitov, himself, did not maintain the correspondence with the Italians since at the end of October 2013 he became chief of DATO, but his colleagues from DANS continued the contact through June 2014. Miroslav Tsvetkov and Assen Kumanov arranged with Hacking Team a live demonstration in Sofia in November 2014.

“We are primarily interested in targeting PCs running Windows and smartphones with Android and iOS. We would like to get better acquaintance with Galileo capabilities, starting from infection, going through data collection, system remote control and ending with destruction of the infection,” Bulgaria’s own spies wrote to the hacker company which is considered an enemy of information by Reporters Without Borders.

Hacking Team has sold such technology to authoritarian regimes that have used it for hunting and crackdown on dissidents, the leaked correspondence reveals. Bulgaria, however, was not able to obtain it until now, the correspondence with DANS reveals.

The spies from DANS invited the Italians to make a demonstration with real devices and agreed that to happen on November 26 and 27, 2014. During the demonstration itself the technical team sent infected Word files and Exploit for Android. Our readers are advised not to open attachments just in case!

After the demonstration, DANS received an offer from Hacking Team, but unfortunately the files with the specific financial parameters have not survived during the exporting of the emails.

Several reminders by Hacking Team followed, until April 3, 2015, when Milko Milenov replied that unfortunately budgetary constraints did not allow the Agency to buy the software. He wrote to Massimiliano Luppi that he sincerely hoped to have a good occasion to correspond next year.

DANS was not able to deal with the PGP keys and exchanged secrets in an encrypted RAR file

The correspondence between DANS and Hacking Team includes some funny moments. Bulgarian counterintelligence officers do not seem able to deal with keys for asymmetric PGP encryption and gave the Italians instructions on how to send them encrypted messages – the text files and images are archived with WinRar or 7zip and there is an agreed in advance password.

 

***

If you find this article useful, support our work with a small donation.

Pay a Bivol Tax!

We will highly appreciate if you decide to support us with monthly donations keeping the option Monthly

You have chosen to donate 10.00€ monthly.

Select Payment Method
Personal Info

Credit Card Info
This is a secure SSL encrypted payment.

Donation Total: 10.00€ Monthly

Извършвайки плащане Вие се съгласявате с Общите условия, които предварително сте прочели тук.

Please, read our Terms and conditions here.

Биволъ не записва и не съхранява номера на Вашата банкова карта. Плащанията се обработват през системата Stripe. Даренията за Биволъ с банкови карти се управляват от френската неправителствена организация Data for Reporters Journalists and Investigations - DRJI.

Bivol is not recording the number of your bank card. The card payments go through Stripe. Card donations for Bivol are managed by the French NGO Data for Reporters Journalists and Investigations - DRJI.

Select Payment Method
Personal Info

Credit Card Info
This is a secure SSL encrypted payment.

Donation Total: 5.00€

Извършвайки плащане Вие се съгласявате с Общите условия, които предварително сте прочели тук.

Please, read our Terms and conditions here.

Биволъ не записва и не съхранява номера на Вашата банкова карта. Плащанията се обработват през системата Stripe. Даренията за Биволъ с банкови карти се управляват от френската неправителствена организация Data for Reporters Journalists and Investigations - DRJI.

Bivol is not recording the number of your bank card. The card payments go through Stripe. Card donations for Bivol are managed by the French NGO Data for Reporters Journalists and Investigations - DRJI.

лв.
 
The current exchange rate is 1.00 EUR equals 2,00 BGN.
Select Payment Method
Personal Info

Внимание: с този метод сумата ще е в лева, а не в евро. Можете да изпратите "Данъкъ Биволъ" електронно през Epay.bg или с банков превод. От територията на България можете също да изпратите пари в брой през EasyPay, или да направите превод през банкомат, поддържащ услугата B-Pay.    

Donation Total: 10,00 лв.

Извършвайки плащане Вие се съгласявате с Общите условия, които предварително сте прочели тук.

Биволъ не записва и не съхранява номера на Вашата банкова карта. Плащанията се обработват през системата Stripe. Даренията за Биволъ с банкови карти се управляват от френската неправителствена организация Data for Reporters Journalists and Investigations - DRJI.

SMS код BIVOL

За да подкрепите с малка сума нашите разследвания и автори, можете да изпратите SMS на кратък номер. Ще получите с обратен SMS линк към нашия архив.

  • Изпрати 1,2 лв. на номер 1851 с код BIVOL и получи достъп до Архивите на Биволъ
  • Изпрати 2,4 лв. на номер 1092 с код BIVOL и получи достъп до Архивите на Биволъ
  • Изпрати 4,8 лв. на номер 1094 с код BIVOL и получи достъп до Архивите на Биволъ
  • Изпрати 12 лв. с два смс-а на номер 1096 с код BIVOL и получи достъп до Архивите на Биволъ

Сумите са с включен ДДС. Моля, имайте предвид, че това е най-неефективният начин да подпомогнете Биволъ, тъй като комисионната на мобилните оператори достига 60%. Ако имате възможност, използвайте някой от другите методи на плащане.

Криптовалути

За да ни изпратите биткойни сканирайте QR кода или използвайте един от двата адреса: Standard: 1EY3iwkPXiby6XFsyCcVPGZPYCGPbPeVcb

Segwit: bc1ql28g7qnvdmenrzhhc7rtk0zk67gg4wd9x9jmmc

This post is also available in: Bulgarian

Вижте също / Read Also