DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Bulgarian hacker “Emil Külev” arrested and detained (1)

Posted on June 30, 2024June 30, 2024 by Dissent

A 21-year-old Bulgarian who allegedly called himself “Emil Külev” online has been arrested by Sofia police.

An announcement from the Prosecutor’s Office of the Republic of Bulgaria stated that they had charged and detained Teodor Iliev for up to 72 hours in connection with a number of computer crimes.

Teodor Iliev (right) sits smiling under a picture of Putin. Source: Sofia Prosecutor’s Office.

Between March 2020 and January 2024, Iliev allegedly illegally accessed the information systems of dozens of state institutions, commercial banks, insurance companies, and other legal entities.

In July 2023, a forum user on BreachForums calling themself “MAGADANS” leaked what they claimed was the database of LEV INS, the largest insurance firm in Bulgaria. At the time, the firm was owned by Alexei Petrov, who would be assassinated the following month.

“It’s funny how fast destiny reaches people who make unsuccessful assassination and kidnapping attempts,” MAGADANS wrote. Without being more specific, the post concluded with the message:

#МълчаниетоСвърши
#НиеСмеСилата
#ВъзмездиетоИдва

Translation :
[#TheSilenceEnds
#WeAreThePower
#Retribution is Coming]

Less than 48 hours later, another new forum user doxed “MAGADANS.” DataBreaches does not know whether all the details are correct, but it identified “Emil Kulev” aka “MAGADANS” as Teodor Vanev Iliev. Redactions in the dox below are by DataBreaches:

Emil Kulev (Емил Кюлев) aka MAGADANS – Теодор Ванев Илиев (Teodor Vanev Iliev)
Телефон(phone): +[redacted]
ЕГН(ID): redacted]
Дата на раждане 07.02.2003 година.(Date of birth 02.07.2003)
Адрес(Address): [redacted]

Очаквайте още информация за 19 годишният “хакер”.
Expect more information about this 19 years old hacker boy. Smile

https://i.ibb.co/FWtQcLD/3.jpg
https://i.ibb.co/pX8YVvr/2.jpg
https://i.ibb.co/MBbYDY3/1.jpg

Apart from Magadans, Külev was associated with a so-called State Agency for Digital Peace.

In September 2023, Questona provided more background on Külev’s background and activities, pointing out the similarities between Külev’s methods and a then-new Bulgarian group, RansomedVC. RansomedVC did confirm that they were affiliated with Magadans.

From a translation of the Sofia Prosecutor’s statement about the arrest of Iliev:

The Sofia City Prosecutor’s Office charged and detained for up to 72 hours Teodor Iliev, 21, in connection with repeated illegal actions (computer crimes) – unauthorized access to information systems of dozens of state institutions, commercial banks, insurance companies and other legal entities , copying and using the relevant data from the information arrays, etc. It was established that the unauthorized access to the databases was carried out in the period from March 2020 to January 2024.

On 28.06.2024, according to pre trial proceedings conducted under the supervision of the SGP, investigators from the “Cyber Crimes” Department of the National Investigation Service, together with employees of the Main Directorate “Combating Organized Crime” – Ministry of Internal Affairs, took actions on the investigation – searches and seizures, where more than 20 addresses on the territory of the country were checked. In the course of the operation, Teodor III., presenting himself in the online space with the pseudonym “Emil Külev”, was found and detained. In the course of the operation, computer equipment was seized, including a personal laptop, which the detainee tried to destroy.

According to Theodore III. charges have been brought under Art. 319a, para. 1; 319b, para. 2, as well as under Art. 216, para. 3 of the Criminal Code.

The assignment of expertise on the seized equipment is pending, Witness interviews were conducted. Actions to investigate the criminal activity of continue.

A prosecutor from the SGP will ask the Sofia City Court to impose a remand measure “detention in custody”.

As of publication, Iliev is still being detained.

“Acted Alone”

Cybersecurity expert Yavor Kolev has been quoted in Bulgarian media as saying he knows the hacker Emil Külev and that he acted alone:

“I know him, he acted alone. After the speculations that he broke into the database of the Lev Ins insurance company, he hid abroad and was out of Bulgaria for a long time. Now that he’s back, our authorities have detained him. When you are in such a criminal business, you exchange a lot of experience and skills with your colleagues and partners. He has no special education. As far as I know, he is absolutely self-taught”, said Yavor Kolev.

Update of June 30: Iliev has been denied bond and remains in custody.

Category: Business SectorNon-U.S.Of Note

Post navigation

← Mass General Brigham fires two employees after patient data breach
Western Australian man set up fake free wifi at Australian airports and on flights to steal people’s data, police allege →

3 thoughts on “Bulgarian hacker “Emil Külev” arrested and detained (1)”

  1. George Floyd says:
    June 30, 2024 at 4:38 pm

    His scams will be missed.

  2. Questo says:
    July 1, 2024 at 6:46 am

    There were some rumors that Emil Kyulev and Impotent/KmetanaEvropa are the same person. Assuming Impotent didn’t lie in the interview you published last year, he would be much older than Kyulev.

    1. Dissent says:
      July 1, 2024 at 12:08 pm

      I was criticized after publishing my interview with Impotent. A lot of people thought I just naively published a lot of lies and that he was larping. There was much more truth in his interview than most people knew or know even now. He may be a scammer or fraudster at times, but he is not a skid, and he is much older than Iliev.

      As to the “Emil Kyulev” moniker, a number of people may have used that moniker. And if they did, whether they were working with Iliev or just decided to use the moniker is unknown at this time. I thought Iliev’s lawyer raised a fair point — that the prosecution needs to have more than just the fact that some anonymous person or persons doxxed Kyulev as Iliev.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report