Infecting computers and smartphones and collecting different information from them such as Skype traffic, various chat applications (Facebook, WhatsApp, Line, Viber, etc.); recording keyboards; localization of the target, files, screenshots; tapping microphones and cameras, and the many other possibilities of Galileo – the last product of Hacking Team – have impressed the boss of the State Agency “Technical Operations” (DATO), Tsvetan Kitov. In 2013, he visited the stand of the Italian company at a specialized exhibition and left his contact details. At that time Kitov was still Deputy Chairman of Bulgaria’s State Agency for National Security (DANS/SANS). What followed was a proposal for a meeting and presentation of the software, as revealed by the hacked correspondence of Hacking Team, already available in the search engine of WikiLeaks.

Kitov, himself, did not maintain the correspondence with the Italians since at the end of October 2013 he became chief of DATO, but his colleagues from DANS continued the contact through June 2014. Miroslav Tsvetkov and Assen Kumanov arranged with Hacking Team a live demonstration in Sofia in November 2014.

“We are primarily interested in targeting PCs running Windows and smartphones with Android and iOS. We would like to get better acquaintance with Galileo capabilities, starting from infection, going through data collection, system remote control and ending with destruction of the infection,” Bulgaria’s own spies wrote to the hacker company which is considered an enemy of information by Reporters Without Borders.

Hacking Team has sold such technology to authoritarian regimes that have used it for hunting and crackdown on dissidents, the leaked correspondence reveals. Bulgaria, however, was not able to obtain it until now, the correspondence with DANS reveals.

The spies from DANS invited the Italians to make a demonstration with real devices and agreed that to happen on November 26 and 27, 2014. During the demonstration itself the technical team sent infected Word files and Exploit for Android. Our readers are advised not to open attachments just in case!

After the demonstration, DANS received an offer from Hacking Team, but unfortunately the files with the specific financial parameters have not survived during the exporting of the emails.

Several reminders by Hacking Team followed, until April 3, 2015, when Milko Milenov replied that unfortunately budgetary constraints did not allow the Agency to buy the software. He wrote to Massimiliano Luppi that he sincerely hoped to have a good occasion to correspond next year.

DANS was not able to deal with the PGP keys and exchanged secrets in an encrypted RAR file

The correspondence between DANS and Hacking Team includes some funny moments. Bulgarian counterintelligence officers do not seem able to deal with keys for asymmetric PGP encryption and gave the Italians instructions on how to send them encrypted messages – the text files and images are archived with WinRar or 7zip and there is an agreed in advance password.

***

If you find this article useful, support our work with a small donation.

Pay a Bivol Tax!

We will highly appreciate if you decide to support us with monthly donations keeping the option Make this donation monthly.

Donation Amount: € 5.00 €

10.00 €

20.00 €

50.00 €

100.00 €

Друга сума Would you like to help cover the processing fees? Искам да платя и таксите за транзакцията за моя данъкъ / I'd like to cover the transaction fees of 0 Включвам се Select Payment Method Debit or Credit Card

Cards on Stripe

PayPal Personal Info First Name * Last Name Email Address * Make this an anonymous donation. Create an account Already have an account? Login Искам да се абонирам за новини от Биволъ / I want to subscribe to Bivol newsletter Donation Total: 5.00€ {amount} donation plus {fee_amount} to help cover fees. Извършвайки плащане Вие се съгласявате с Общите условия, които предварително сте прочели тук. Биволъ не записва и не съхранява номера на Вашата банкова карта. Плащанията се обработват през системата Stripe. Даренията за Биволъ с банкови карти се управляват от френската неправителствена организация Data for Reporters Journalists and Investigations - DRJI.

This post is also available in: Bulgarian