Russia Is Testing Cyber-War Software Made by Bulgarian Company

According to the site Medusa, an attack against the Ukrainian Defense Ministry and the independent internet resource has been carried out from Sofia
By the Bivol team

The Chief of Communications of the Russian State Corporation “Rostec”, Vasily Brovko, attended a meeting in Sofia with the company Packets Technologies, during which software for DDOS attacks was demonstrated. The capabilities of the system were tested against Ukrainian opposition and media sites. “Rostec” and the FSB have shown interest in the product, which costs one million US dollars, claims the Russian site Medusa in a report by Daniel Turovskiy from Helsinki.

“Rostec” was created to manufacture high-tech products for civilian and military use. It is managed by Sergey Chemezov, who is close to Vladimir Putin, Medusa further explains. During the demonstration on February 5, 2015 at the offices of Packets Technologies in Sofia, the sites of the Ukrainian Ministry of Defense and the site, an independent online resource that publishes critical anti-government articles, were hacked and taken down.

Turovskiy quotes Alexander Vyara, an expert from the company Qrator. He attended the meeting as an expert in DDOS protection, and was sent by the company at the request of Vartan Hachaturov, Deputy Head of the Department of Infrastructure Projects, Ministry of Communications and Mass Media. The expert provided Turovskiy with the correspondence on the subject between Brovko and his boss, which discussed in detail the technical particulars for the most effective realization of the DDOS attack.

“Elephant” under Fire

The Editor-in-Chief of Elephant, Maxim Kashulinskiy, confirmed to Medusa that a DDOS attack was registered on February 5, 2015, which blocked the site for two minutes.

Brovko himself does not deny that he was in Sofia with Alexander Vyara, but claims that the purpose of the visit was just the opposite – to analyze a system for protection against cyber-attacks, not to carry them out.

The Head of Qrator, Alexander Lyamin, also confirmed to Medusa that Vyara had traveled to Sofia to meet Vasily Brovko. But according to him, the purpose was to test a traffic generator – a system for verifying the resilience of sites under heavy traffic. “Most likely there was fire at the ‘Elephant’ – a test one, in order to conduct a check,” Lyamin said.

However, the difference between traffic generators and DDOS attack systems is essentially very relative, while “testing” an internet resource without its knowledge is deemed a criminal offense under Bulgarian law.

Recruitment and Eavesdropping by the FSB

After the meeting in Sofia, Russia’s Federal Security Service (FSB, the successor to the KGB) tried to recruit Alexander Vyara to manage the system for internet attacks. He refused and the services began to spy on him.

In the past, Alexander Vyara dealt with the cyber security of the sites of Navalny, the famous opponent of Putin. At that time, he noticed vehicles on duty near his home and his office, equipped with spying antennas (similar to the “Catchers” used in Bulgaria). After he refused the secret services' request to work with the Bulgarian DDOS software, such vehicles appeared once again outside his home. Fearing for his safety, Vyara sought political asylum in Finland, where he met with the Medusa journalist and told them about the case.

Cyber Crimes and Attack from Sofia against Foreign Country

The DDOS attacks and the commercialization of such systems that are described in the article are considered to be crimes under the Bulgarian Penal Code. Bivol contacted the Head of the Cybercrimes Department at the Main Directorate for Combatting Organized Crimes (GDBOP), Yavor Kolev. He confirmed that he was aware of the publication and had ordered a probe, but was skeptical about the authenticity of the described technical details of the attack.

If there was a cyber-attack against the Ukrainian Defense Ministry from Bulgarian territory, the Bulgarian State Agency for National Security (DANS), where the military counterintelligence is operating, should also be interested in the case.

Bulgarian Company Packets Technologies Has Israeli and Lithuanian Owners

The company Packets Technologies was founded in March 2014, and its shareholders, with equal stakes, are Bulgarian national Alex Behar, born in 1984; Israeli Yuri Gushin, born in the USSR in 1985; and Aviv Pode, born in Israel in 1982, who also has a Lithuanian passport, a check by Bivol in the Trade Registry showed. The domain of the company was registered in Bulgaria in April 2014 by Robert Olik.

The publication of Medusa mentions an associate of the company, who presented himself as a former associate of the Israeli Army, cybersecurity consultant for major companies and participant in the famous conference on Information Security “Black Hat”, which also includes hackers. His name has not been disclosed.

Packets Technologies successfully launched its activities and in its eight months of existence in 2014 generated a profit of 248,867 levs. The shareholders even distributed a dividend of 14,800 levs each. In June 2015, Behar and Gushin registered in Argentina a company with a similar name and activity – Packets Latam S.R.L.

Bivol was able to reach by phone an employee of the company, who insisted that questions be sent by e-mail to the PR department. No response was received by the time of the publication.


