MIT and the Guardian described Bulgaria as “the world’s leading virus factory”

“How Bulgaria became the world’s leading virus factory” – this headline appeared on Monday in the special media selection of the regular newsletter of the Massachusetts Institute of Technology (MIT). The link leads to a free and open access article in the UK’s Guardian newspaper, titled “On the trail of the Dark Avenger: the world’s most dangerous virus creator”.

“The creator of some of the most malicious programs has been anonymous for more than three decades,” commented the editor of the MIT special selection before providing the link to the article (the special media selection in the MIT newsletter is a collection of 10-20 headlines from the world’s media on 10 current “must read” topics – b.a.). The “Guardian” publication itself tells about the dark times in the 1980s, when “for lovers of computer viruses, there is no better place in the world than Bulgaria.”

The article of the famous British publication was published on May 9 at around 06:00 UK time. That same day, it found its place in the MIT newsletter, sent out just a few hours later.

Talented and bored

The plot revolves around the personality of a young IT engineer named Veselin Bonchev and an unknown villain who creates computer viruses and ventures into the computer world under the alias Dark Avenger. In an eye-watering 25,000 characters – five times the length of an article like this one – the Guardian tells how the young scientist Bonchev researched the emergence of early computer infections. He, according to the publication, commented on it in the media of the time, which, however, “inspired even more virus writers”.

The article of the British newspaper also refers to the founder of the Hamburg Virus Testing Center, Morton Swimmer, who “was quoted in a New York Times article from 1990: “Bulgarians not only produce the most computer viruses, they produce the best “.

“The Bulgarian virus factory was a factory in the sense of Andy Warhol: a loose collective of young Bulgarian men (they were all men) who were very intelligent and bored. “Writing (virals) has become a source of intellectual stimulation and a form of social distinction,” the Guardian reports.

The publication emphasizes that the mansion behind the Dark Avenger moniker remains unknown. “That someone or any group can wreak havoc on a global scale and stay missingis remarkable, especially considering that Bulgaria is a small country…” writes the author. “The Dark Avenger’s obscurity was a harbinger of upcoming ones things. A new generation will use the veil of anonymity to operate with complete impunity. And they would flood the emerging global network with new types of self-replicating malware far more destructive than anything created by the Dark Avenger, many of which we still live with today.”

There is a small explanatory note at the end of the article. She specifies that the post is an “edited excerpt” from a book titled “Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks” by Scott Shapiro, who also wrote the newspaper article itself.

The extremes of the pendulum

The story told in the book and the article mostly takes place in the last decades of the last century. Many of the older professionals in the IT industry remember Bonchev and the events touched on in the narrative well.

But like the pendulum of a wall clock swings between two extreme positions, in the following decades Bulgaria has come a long way in IT development, reaching the other extreme: over the years it has become a center of IT talent, where quite a few of the world’s leading technology companies build its key development centers.

HP and SAP, Visteon and Bosch are some of the global technology giants that created large technical teams in our country in the new century. For years, the developer of warehouse robots and automation Ocado Technology has also been here, development teams have IBM и VMwarewhich creates the core of its software in Sofia, the US Progress, Micro Focus, the German one Software AG, Endava, several major game and entertainment software developers and a whole list of names. Only in the last year, the Canadian IT company Adastra, the software developer DataArt, the American company for AI systems LivePerson opened units in our country – and not only in Sofia, but also in Ruse, Varna.

A number of global companies from other industries already have technical and development IT teams in our country. For example, Coca-Cola’s IT center in Bulgaria has been a key part of the corporation’s global IT network for over 5 years. The arrival of the Japanese Nidec in Sofia was loudly commented on, being part of a larger trend in our country to concentrate the development of automotive software for leading brands from the automotive industry.

It is probably even more telling that for several years, the leading development center of Acronis has been located in Bulgaria – one of the big global names precisely in the world of IT security. Their office is a workplace for several hundred people. Also in our country, the French IT giant Atos has its global center for cyber security, also located in Sofia.

Development centers are famous for their solid remuneration for their employees and generous social packages. It is common practice for people in their teams to volunteer in various charitable endeavors. IT companies even provide special working days for such purposes. It was the IT business that played a leading role in ending the vicious practices that came to be known as “gray economy“.

By all accounts, it seems that from a paradise for computer virus authors in the 80s, Bulgaria has gradually become the heart of the development of some of the most powerful software systems in the technological world in general and in the field of cyber security in particular.

Kato yin and yang

Against the background of the change, one can probably find enough examples that Bulgarian engineering talent is still involved in the “dark networks” and the world of cybercrime. “Bulgaria, although a small country, has always been distinguished by talented people on both sides of the barricade,” says Zlatomir Milanov, security solutions engineer at COMPUTER 2000 Bulgaria, who commented on the publication of “Guardian“. Milanov compares the story of engineer Veselin Bonchev and the villain Dark Avenger to the eternal struggle between yin and yang, the benevolent and malicious use of the same tool, be it a knife, a rifle or computer code.

This struggle of extremes is always in progress. But there is something that is different today: motivation. “Modern cyberattacks do not happen by an individual writing programming code in the basement of his house, as depicted in numerous media. We are talking about highly organized groups aiming for much more serious benefits such as financial receipts, sabotage and espionage,” says Milanov. It confirms the observations of many other cybersecurity experts. “These groups are often sponsored, sometimes even by a government, or provide their malicious tactics and techniques to third parties for a fee.”

Gone are the talented and bored engineers seeking their 5 minutes of fame through mischievous ingenuity. And in well-organized cyber-attack groups, other nationalities play the leading role.