Bulgarian authorities say that after months of investigation they have busted the “most powerful hacker group” in the country, the Cyber Warrior Invasion. The operation was conducted by Bulgaria’s Sector for Computer Crimes, Intellectual Property and Gambling and the territorial units of the Chief Directorate for Fight with Organized Crime in the municipalities of Pleven, Shumen, Plovdiv, Burgas, Haskovo, Stara Zagora and Kyustendil.
Using cyber “terrorist” methods, the group had attacked more than 500 websites worldwide, including those of financial institutions, web-based companies, and governmental and non-governmental organizations. On the confiscated computers, police discovered databases with large amounts of stolen emails, social network profiles and associated passwords, as well as stolen credit card data.
The site www.cwi-group.org was used by the members of the group to coordinate their activities. Constantly changing its location and using a complex system of "zombie" proxy servers they disguised its true location, and that of the administrators. Despite the attempts to wipe out their tracks, hackers were detected.The investigation unveiled that hacker group members followed a strict hierarchical order, evidencing the high degree of organization and coordination between them. They were structured into different groups according to their access and power: "Administrators", "Moderator", "Scanning team," "Donors / Sponsors", "Sectional moderators", "Friends," "VIP Members" and group "members."
Four laptops, five desktop computers, seven portable digital information devices, three hard discs and over 200 CDs were seized.