Bulgarian IT expert arrested after demoing vulnerability in kindergarten software

Handcuffs

Bulgarian authorities have arrested an IT specialist for demonstrating a security flaw in the software used by local kindergartens.

The vulnerability allowed the IT expert, named Petko Petrov, to download the details of 235,543 citizens of Stara Zagora, a province in central Bulgaria with over 333,000 inhabitants.

Petkov demoed the security flaw in a video he posted on Facebook earlier this week, on June 25.

The video shows Petkov launch an automated attack against the local municipality’s web portal where parents can sign up children for kindergarten, and using the security flaw to obtain data of Bulgarian citizens.

Coinbase 2

In a caption posted with the Facebook video, Petkov said he tried to contact the software maker and local authorities but was ignored.

He posted the code on GitHub

The Facebook caption also included a link to a GitHub repository where anyone could download the code for exploiting the vulnerability.

Following Petkov’s public disclosure, Bulgarian authorities arrested the security researcher on Friday. He was jailed for 24 hours but was subsequentially set free.

Local prosecutors are still pending charges under Article 319A of the Bulgarian Criminal Code, on accusations of obtaining government information using illegal methods. If charged and found guilty, Petkov faces from one to three years in prison, and a fine of up to 5,000 Bulgarian leva ($2,900), according to local press [1, 2, 3, 4].

Same software used in other provinces

In the meantime, Stara Zagora officials have taken down the vulnerable software.

The mayor of the city of Stara Zagora told local media[1, 2, 3] that the software maker has not responded to requests for comments from government officials.

The Stara Zagora mayor said the company, named Information Services AD, will have to fix its software on its own expense.

Petkov said the same software is also used in other Bulgarian provinces, meaning hackers may have an open door to harvest Bulgarian citizens’ data.

The data collected via the vulnerability Petkov found includes information usually stored inside a central national database managed by the Department Civil Registration and Administrative Services (GRAO).

According to its website, the GRAO’s database “is like the Social Security Number (or similar) identification in other countries.”

“The system stores as personal data names, addresses, marital status, death, parentage, passport data, nationality and relatives – children, brothers and sisters of about 10.5 million citizens (counting 2 million dead people).”

More vulnerability reports:

Bulgarian IT expert arrested after demoing vulnerability in kindergarten software 1
blank
About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

blank

E-Crypto News Executive Interviews


blank

bitcoin
Bitcoin (BTC) $ 39,075.00
ethereum
Ethereum (ETH) $ 2,621.52
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 329.83
cardano
Cardano (ADA) $ 1.36
xrp
XRP (XRP) $ 0.719950
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.198784
polkadot
Polkadot (DOT) $ 18.45
binance-usd
Binance USD (BUSD) $ 1.00
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 39,075.00
ethereumEthereum (ETH)
$ 2,621.52
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 539.32
litecoinLitecoin (LTC)
$ 141.44
bitcoinBitcoin (BTC)
32.884,50
ethereumEthereum (ETH)
2.206,20
tetherTether (USDT)
0,841574
bitcoin-cashBitcoin Cash (BCH)
453,88
litecoinLitecoin (LTC)
119,03
bitcoinBitcoin (BTC)
28,124.43
ethereumEthereum (ETH)
1,886.85
tetherTether (USDT)
0.719755
bitcoin-cashBitcoin Cash (BCH)
388.18
litecoinLitecoin (LTC)
101.80

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

blank
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
blank
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021
Crypto Scams On The Rise As Market Enters Bull Cycle
Crypto Scams On The Rise As Market Enters Bull Cycle
December 22, 2020
Harpreet Singh Sahni perpetrated the Plus Gold Union Coin (PGUC) scam
Sydney Concert Promoter Harpreet Sahni Involved In $50M Crypto PGUC Scam
November 2, 2020

Blockchain/Cryptocurrency Questions and Answers

Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
Solana
What Is Solana (SOL) And How Does It Work?
June 26, 2021
blank
What Is Plethori Platform And How Does It Work?
June 12, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin39,194 0.47 % 2.33 % 0.30 %
Ethereum2,643.5 1.30 % 5.12 % 15.31 %
Tether1.000 0.04 % 0.14 % 0.29 %
Binance Coin331.13 0.63 % 2.82 % 5.63 %
Cardano1.360 0.12 % 1.63 % 7.19 %
XRP0.7246 0.58 % 1.25 % 12.81 %
USD Coin1.000 0.15 % 0.17 % 0.13 %
Dogecoin0.2000 0.41 % 1.43 % 2.24 %
Polkadot18.60 0.73 % 6.72 % 29.86 %
Binance USD1.000 0.30 % 0.35 % 0.32 %

bitcoin
Bitcoin (BTC) $ 39,214.00
ethereum
Ethereum (ETH) $ 2,691.23
tether
Tether (USDT) $ 0.999690
binance-coin
Binance Coin (BNB) $ 332.19
cardano
Cardano (ADA) $ 1.37
xrp
XRP (XRP) $ 0.724521
usd-coin
USD Coin (USDC) $ 0.998860
dogecoin
Dogecoin (DOGE) $ 0.199630
polkadot
Polkadot (DOT) $ 19.01
uniswap
Uniswap (UNI) $ 23.35