How the PF accessed Cid’s cell phone, Bolsonaro’s former assistant – 05/25/2023 – Politics

The Federal Police took months to be able to access all the data stored by Lieutenant Colonel Mauro Cid, assistant to Jair Bolsonaro (PL), used in investigations that target the former president, Michelle Bolsonaro and other presidential advisors.

In the inquiry into the leak of the investigation of the hacker attack on the TSE (Superior Electoral Court), although Cid’s breach of telematic secrecy was carried out in 2021, between August and September, it was only in June of the following year that the PF produced the first report with the information that today has been used in at least three investigation fronts.

The messages found in Cid’s Google Drive and iCloud cloud are now the basis for investigations into the alleged embezzlement of money from the Presidency, Bolsonaro’s coup attempts (September 7, 2021 and January 8, 2023) and fraud in the insertion of data in the vaccination system of the Ministry of Health.

A Sheet found that access to the data was only possible after the case left the PF superintendence in the Federal District and migrated to the DIP (Police Intelligence Directorate), located in the corporation’s headquarters building, in Brasília.

The change of location occurred after the delegate Denisse Ribeiro, then responsible for all inquiries reported by Alexandre de Moraes, of the STF (Federal Supreme Court), went on maternity leave in February 2022.

The case then began to be handled by delegate Fabio Shor, who was part of Denisse’s team and was appointed by her to the Minister of the STF. He is the one who works in the investigation until today. The delegate asked for the arrest of Cid and the search against Bolsonaro, which were carried out on the 3rd of May.

Before going to the DIP, the Setec (Technical-Scientific Sector) police officers of the PF in the DF had managed to access a small part of the content, which generated only an analysis report cited at the conclusion of the investigation into the leak by Cid and Bolsonaro of the investigation of the hacker attack on the TSE system.

At DIP, during Márcio Nunes’ director-general at the PF, experts and technicians pored over the archives and managed to find a method to find the data stored in the clouds.

With Moraes’ method and determination on May 2, 2022 to produce a detailed report on Cid’s files, dozens of reports penetrated the day-to-day of the Presidency.

In the first report after access, dated June 2022, the PF explains how the data was stored.

“The material from the company Apple was subjected to a new way of processing and organizing the data. This resulted in a more optimized categorization of the information and, consequently, greater ease in analyzing the material in the context of the investigation”, says the PF.

In the folders related to WhatsApp found in the cloud, for example, the number of all participants did not appear, only the identification number of that group followed by the telephone number of who probably created it.

When sending the report to Moraes, delegate Fabio Shor suggested that the data found with Cid be analyzed with those collected by the survey of the digital militias.

When suggesting the method of analysis, the delegate said that the investigation investigates the “existence of a criminally complex organization, with a strong digital presence and with production, publication, financing and political nuclei with the objective of attacking the democratic rule of law”.

The PF also explains in the report the particularities because it is the extraction of data from the cloud, and not from Cid’s cell phone. He claims that it was not possible to “identify all the numbers that make up the WhatsApp groups” and that “no text messages typed within the application were obtained”.

“Another limitation, in this method, concerns the dates of the files. Since it is a telematic break of data in the cloud, the dates of creation of the files do not correspond to the date of creation of the file in the shortcut, but the date on which these files have been synced to Apple’s servers.”

The first report produced based on the analysis of material found in Apple’s cloud revealed to the PF the receipts of financial transactions that led to the suspicion of embezzlement of public money from the Presidency.

In the second report, the PF managed to access some of Cid’s audio and interlocutors. They talk about the case of the death of a member of the then president’s support for orders and agendas.

The third details Cid’s conversations with an advisor to the former first lady that led to the suspicion that the alleged embezzlement of Presidency money would have been at the behest of Michelle Bolsonaro.

Based on these first reports, the PF asked Cid, other assistants and two of Michelle’s advisors to break bank secrecy. The case was revealed by Sheet in September 2021.

After the first telematic break, in 2021, Cid was the target of two more, in December 2022 and January 2023.

In addition, Moraes authorized other breaches of bank, tax and telematic secrecy of people linked to Bolsonaro that are still analyzed by the PF and that should be used in ongoing investigations.