Bulgarian Hacker “Emil Külev” Arrested

Pietro Melillo : 1 July 2024 16:39

On June 30, 2024, the Sofia police arrested Teodor Iliev, a 21-year-old Bulgarian who called himself “Emil Külev” online. The announcement was made by the Prosecutor’s Office of the Republic of Bulgaria, which stated that they had charged and detained Iliev for up to 72 hours in connection with numerous computer crimes.

The Charges

Teodor Iliev, also known online as “MAGADANS,” is accused of illegally accessing the information systems of dozens of state institutions, commercial banks, insurance companies, and other legal entities between March 2020 and January 2024. In July 2023, a user on the BreachForums called “MAGADANS” revealed what they claimed was the database of LEV INS, the largest insurance company in Bulgaria, which was then owned by Alexei Petrov, who was assassinated the following month.

The Arrest and Evidence

On June 28, 2024, as part of preliminary proceedings supervised by the Sofia City Prosecutor’s Office, investigators from the “Cyber Crimes” Department of the National Investigation Service, along with employees from the General Directorate for Combating Organized Crime of the Ministry of Interior, conducted searches and seizures at over 20 addresses nationwide. During the operation, Teodor Iliev, who presented himself online as “Emil Külev,” was found and detained. Computer equipment, including a personal laptop that Iliev attempted to destroy, was seized.

Future Prospects

The Sofia City Prosecutor’s Office has requested the court to impose a remand measure of detention in custody for Iliev. The investigations continue with the analysis of the seized equipment and the interrogation of witnesses. Iliev is currently still detained.

Conclusion

The case of Teodor Iliev highlights the increasing risks and challenges of cybersecurity. His alleged criminal activity, which spanned several years, had a significant impact on numerous institutions and companies. His capture represents an important step in the fight against cybercrime but also underscores the need for continuous vigilance and enhanced security measures to protect sensitive information from digital threats.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"