

New Details in Bulgarian Data Breach Call Into Question Claims of Russian Connection

Unknown Bulgarian: New details were released over the evening about the data breach of the Bulgarian National Revenue Agency (NRA) that call into question any claims of a connection to Russia. It was announced that the Bulgarian arrested on Wednesday was 20-year-old cyber-security expert Kristian Boykov. The Bulgarian Prime Minister described the 20-year-old as a “wizard” hacker with a “unique brain,” and urged that the government should be looking to similarly skilled hackers to improve security measures. The investigation, though, somewhat disputes that claim. According to investigators, the breach of the NRA appears to have been due more to poor security measures than to any sophistication or skill on the part of the attacker. The police said that while they have found a significant amount of encrypted data on Boykov’s home computers and drives, they are still exploring the possibility that multiple people were involved in the breach. This is not the first time that Boykov has caught the government’s attention. In 2017 he made national news for exposing flaws in the Education Ministry’s website. On Tuesday another email was sent to Bulgarian media from the same email address that was used to send the stolen data to the media in the first place; it claimed that the hacker was a Russian citizen who is married to a Bulgarian woman. The email also taunted Bulgarian law enforcement, claiming that they would never be able to find him.

Analyst Notes

With such a confident email claiming the ineptitude of law enforcement, if Bulgarian authorities really did arrest the wrong person, there will likely be another message sent to the media within the next few days taunting Bulgarian authorities again for arresting the wrong person.