2025 MD-Series Q3 Release Note Highlights

The digital forensics landscape continues to evolve at a rapid pace, demanding tools that keep up with the latest devices, applications, and data sources. At GMDSOFT, we’re committed to staying ahead of these challenges by continuously enhancing our MD-Series solutions to meet the growing needs of forensic investigators worldwide. 

This quarter, we’re proud to introduce significant updates across our entire MD-Series product line. Our Q3 release represents months of dedicated research and development, focusing on expanding device support, strengthening app analysis capabilities, and introducing new extraction methods that empower investigators to uncover critical evidence more efficiently than ever before. 

From supporting over 200 new phone models to enhanced cloud-based extraction capabilities, these updates reflect our ongoing commitment to providing law enforcement agencies, corporate security teams, and forensic professionals with the most comprehensive mobile forensics solutions available. 

📱 MD NEXT 

• Support for 24 manufacturers, 202 new phone models 

• 87 models with additional extraction methods 

• Supports auto-analysis with MD-RED v4 

📤MD-RED 

• 20 new Android apps, 14 iOS apps supported 

• Enhanced analysis of Firebase Cloud Messaging 

👮🏻‍♀️ MD-LIVE 

• Added App Plus & App Backup methods for Android 

• Chat scanner with Signal messenger integration 

🚁 MD-DRONE 

• Flight log extraction using cloud app account information 

🎥 MDVIDEO AI 

• Expanded U.S. number plate restoration: Hawaii, Maine, Montana, Rhode Island, South Dakota, Vermont, West Virginia (All states of U.S are now supported!) 

• Multi-input number plate restoration: Brazil, United States (Arkansas, Maine, Nevada, Oregon, Rhode Island South Dakota, Vermont, West Virginia) 

These Q3 enhancements represent just the beginning of what we have planned for the MD-Series. Our development team is already preparing the next round of updates, bringing auto-scrolled screenshot, a new unlocking add-on module, and more powerful features to tackle emerging challenges in digital forensics. 

Ready to experience these powerful new capabilities firsthand? Contact our team to learn more about how the MD-Series can enhance your forensic investigations or ask for trial to see these features in action. For detailed documentation on these updates and step-by-step guides, reach out to GMDSOFT sales team. 

 

GMDSOFT Tech Letter Vol15.Analyzing Anti-Forensic Traces Left by Location Spoofing Apps

Location information is a vital piece of digital evidence used to map a subject’s movements and validate alibis. Location spoofing apps compromise the integrity of data by hiding real travel routes or fabricating alibis. For instance, there have been cases where suspects used a spoofing app to simulate being away from a crime scene, while simultaneously taking multiple photos to support their false claim.

Such practices fall under anti-forensic techniques, specifically the category of data modification. By altering or fabricating data, location spoofing undermines the reliability of digital evidence and complicates forensic analysis.

This article aims to introduce the main features of three widely used location spoofing apps: Fake GPS Location, GPS Emulator, and Fly GPS. It also explains the types of forensic artifacts that can be recovered during analysis. The findings are based on devices with Android 12, using Fake GPS Location v90.0, GPS Emulator v3.02, and Fly GPS v7 (free versions).

Index

1.Location Spoofing App

A location spoofing app works by feeding the system with fake coordinates generated by the app instead of real GPS signals. As a result, the device appears to be in a different location. This section explains the key features supported by three common spoofing apps: Fake GPS Location, GPS Emulator, and Fly GPS.


To use an installed spoofing app, go to Settings > Developer options > Select mock location app, and assign the app.

1.1 Fake GPS Location

Location Search

Use the search bar at the top of the screen to enter an address. Once entered, the Save icon icon moves to the corresponding location.

Virtual Location Setup

Run the app and swipe across the map to move to the desired location. Tap on the map, and the Save iconmarker will shift to that point. Select [Start Fake GPS] to set the device’s coordinates to the desired location. Fake GPS Location only supports setting a fixed location.

Favorites

After setting a location, tap the Save iconicon at the bottom-right corner to save it as a favorite. You can view all saved favorites by tapping the Save iconicon. Selecting a favorite will reposition the map to that location. Fake GPS Location does not provide an option to delete saved favorites.

1.2 GPS Emulator

Location Search

Tap the Save iconicon at the top-right corner and enter an address in the search bar to move to that location.

Virtual Location Setup

GPS Emulator offers two options, one that allows users to set a fixed virtual location and the other to simulate travel routes.

•Fixed Location: Swipe the map to the desired point and tap the Save iconicon at the bottom of the screen. The Save iconmarker will appear at that point, and the device will use it as the virtual location. Tap the Save iconicon to stop spoofing.

•Movement Path: Select the Save icon
icon at the top-left corner > New route to configure paths manually or automatically.

    ・Manual: Swipe the map to set a start and end point. You can connect the points with a straight line.

    ・ Auto: Generate a path that follows roads or sidewalks, simulating travel routes.

Favorites

Tap the Save iconicon at the bottom-right corner to save a fixed location as a favorite. Go to Save icon
icon at the top-left corner > Bookmarks > Locations & Routes to view the saved favorites.

Location Spoofing History

Go to Save icon icon at the top-left corner > Bookmarks > History to view the records of spoofed locations. Tap the Save iconicon to remove entries from the list.

1.3 Fly GPS

Location Search

Tap the Save iconicon at the top-right corner and enter an address in the search bar to move to that location.

Virtual Location Setup

Fly GPS offers two options: Fixed Location Mode for setting a static spot, and Move Location Mode for simulating movement routes as if a user is physically moving.

• Fixed Location Mode: Swipe the map and tap the desired location. A marker Save iconwith a popup menu will appear. Select the popup menu > GPS Service Run > Fixed Location Mode to set the virtual coordinates.

• Move Location Mode: Begin by setting a start point the same way as in Fixed Location Mode. Select the popup menu > GPS Service Run > Move Location Mode. Once the start point is set, use the gray directional pad displayed in the bottom-right corner to simulate movement along a path.

Favorites

Select the popup menu > Add to favorites to save the location. Go to Favorites at the top-right of the screen to view the saved favorites. You can reuse the saved items and display them again on the map. Fly GPS support deletion in favorites.

Location Spoofing History

Go to at the top-left corner > History to view the timestamp and location details of spoofed positions. Fly GPS does not support deletion in history.

1.4 Summary of Key Features by App

The main features provided by each app can be summarized as follows:

• Fake GPS Location: In the free version, only location search and favorites are supported. It is limited to setting a single fixed location.

• GPS Emulator: Offers the most comprehensive feature set, including location search, favorites, fixed location, movement path, and location spoofing history. It supports both manual and automatic options (based on roads and sidewalks) for virtual location setup, allowing for more precise manipulation.

• Fly GPS: Supports location search, favorites, fixed location, movement path, and location spoofing history. One distinctive feature is that location spoofing history cannot be deleted, which can provide valuable forensic evidence.

The summary of key features by app can be summarized as follows:

Fake GPS Location GPS Emulator Fly GPS
Location Search O O O
Fixed Location O O O
Movement Path X O O
Location Spoofing History X O O
Favorites O O O

2.Available Information

2.1 Location Search

Location search is a common feature in location spoofing apps. It stores location search history data, which can be used to verify user behavior, such as manually searching for a specific address to change device coordinates. However, location search data is only stored in specific location spoofing apps. Apps like Fake GPS Location and Fly GPS support this feature, but does not retain location search history.

The save paths and target files containing location search data for each app are summarized below.

App Save path Target file
Fake GPS Location Data is not saved
GPS Emulator /data/com.rosteam.gpsemulator/shared_prefs/ com.rosteam.gpsemulator_preferences.xml
Fly GPS Data is not saved

2.2 Location Spoofing History

Location spoofing history records coordinates and related data. GPS Emulator and Fly GPS support this feature. In GPS Emulator, spoofing history can be deleted within the app, removing corresponding entries from the target file. Fly GPS does not support deleting spoofing history, making it valuable for forensic analysis.

The save paths and target files containing location spoofing history data for each app are summarized below.

App Save path Target file Notes
Fake GPS Location Feature is not supported
GPS Emulator /data/com.rosteam.gpsemulator/shared_prefs/ com.rosteam.gpsemulator_preferences.xml If history is deleted from the app, data is also deleted.
Fly GPS /data/com.fly.gps/databases FLYGPS_DATABASE Delete feature is not available

2.3 Movement Route

Location spoofing apps allow users to simulate movements. GPS Emulator and Fly GPS offer this feature. In GPS Emulator, you can manually or automatically manipulate the movement route. In Fly GPS, you can navigate the arrow icons after setting a start point.

The save paths and target files containing movement route data for each app are summarized below.

App Save path Target file Available information
Fake GPS Location Feature is not supported
GPS Emulator /data/com.rosteam.gpsemulator/shared_prefs/ com.rosteam.gpsemulator_preferences.xml Latitude/longitude, speed, fixed/variable status
Fly GPS Data is not saved

2.4 Favorites

Favorites allow you to bookmark frequently used locations for quick access, eliminating the need to repeatedly enter addresses. This feature is supported by all three apps, enabling faster and more convenient spoofing of recurring locations.

The save paths and target files containing favorites data for each app are summarized below.

App Save path Target file Available information
Fake GPS Location /data/com.hopefactory2021.fakegpslocation/files/io.paperdb/ favorites.pt
favorites_coordinates.pt		 Name of favorite
Latitude/longitude of favorited item
GPS Emulator /data/com.rosteam.gpsemulator/shared_prefs/ com.rosteam.gpsemulator_preferences.xml
Fly GPS /data/com.fly.gps/databases/ FLYGPS_DATABASE

3. Summary

Location spoofing is an anti-forensic practice that disrupts investigations by concealing or altering digital evidence. It falls under the category of data modification, in which data is manipulated to hinder forensic analysis.

Typical features of location spoofing apps include location search, fixed location spoofing, movement path simulation, and favorites.

All three apps store data when the favorites feature is used.

Among them, GPS Emulator retains the most extensive data, including search records, location spoofing history, and movement paths. Fly GPS is particularly noteworthy because spoofing history cannot be deleted, making it especially useful for forensic analysis.

 

GMDSOFT Tech Letter Vol14.Data Analysis Using WhatsApp Backup Feature

WhatsApp is one of the most widely used mobile messaging applications globally, with over 2 billion users across 180 countries. It protects user communications with end-to-end encryption to prevent third parties from reading them, and offers convenient features that allow users to automatically backup their data regularly or store end-to-end encrypted backups.

In particular, WhatsApp’s chat backup feature can be used to collect chat data when the app data area is inaccessible on a mobile device. The backup files generated via this chat backup feature are stored in the media area, making them easier to obtain. These files may also contain deleted records by the user, which can serve as crucial evidence in investigations.

This article aims to explain WhatsApp’s built-in backup features, compare the original DB and backup DB, and highlight the available information in the backup file. It is based on data extracted from WhatsApp v2.25.12.74 for Android.

WhatsApp Backup Feature

WhatsApp provides two different methods for backup: the Automatic Backup feature, which generates a chat backup at a specified interval, and the End-to-End Encrypted Backup feature, which applies end-to-end encryption when generating a chat backup.

Automatic Backup

You can select the time interval for backup: daily, weekly, monthly, or only when you tap ‘Automatic backups’ to initiate backup.

  1. Select the three-dot menu icon and go to ‘Settings’ > ‘Chats’.

  1. Select ‘Automatic backups’ and choose the backup interval.

End-to-End Encrypted Backup

You can create an end-to-end encrypted chat backup.

  1. Select three-dot menu icon and go to ‘Settings’ > ‘Chats’.

  1. Go to ‘Chat backup’ > ‘End-to-end encrypted backup’ and tap [Turn on].

  1. Tap [Use 64-digit encryption key instead] > [Generate your 64-digit key]. Make sure to save the key securely. Then, tap [Continue].

  1. Select [I Saved My 64-digit Key] > [Create] to start the backup process. Wait until the ‘Backing up messages’ progress message disappears.

WhatsApp Chat DB Comparison: Original VS Backup

Backup File and Decryption Key Save Location

WhatsApp stores its backup DB in different formats depending on the selected backup method.

• When using the ‘Automatic backup’ feature, the chat DB are encrypted in .crypt14 format and stored in the media area.

• When using the ‘End-to-end encrypted backup’ feature, the chat DB are encrypted in .crypt15 format and stored in the media area.

• If a user has used WhatsApp multi-account, separate backup files can be created for each account, and a backup DB is generated per each account.

The table below summarizes the information above:

Target Prerequisite DB Save Location (Based on Android 11) Decryption Key Save Location
msgstore.db Chatroom DB saved by default /data/com.whatsapp/databases
msgstore.db.crypt14 Generated upon automatic backup /media/0/Android/media/com.whatsapp/WhatsApp/Databases/ /data/com.whatsapp/files/key
msgstore.db.crypt15 Generated upon end-to-end encrypted backup /media/0/Android/media/com.whatsapp/WhatsApp/Databases/ /data/com.whatsapp/files/encrypted_backup.key
*when multi-account is in use:
/media/0/Android/media/com.whatsapp/WhatsApp/accounts/[number]/Databases/msgstore.db.crypt15
• [number] can be incremented sequentially from 1001.		 *when multi-account is in use:
/data/com.whatsapp/accounts/[number]/files/encrypted_backup.key

When a new account is created following multi-account deregistration, the folder name under the ‘account’ folder increases sequentially by 1.

❗️

WhatsApp Multiple Account Feature

When two accounts are registered on the same Android device, you can switch between accounts to use them. Since each account requires verification with a different phone number, this feature is only available on devices with dual SIM support or with a separate phone number. To learn more about the multi-account feature, please refer to the Appendix or WhatsApp official website.

Available Information

You can find the following information in both original DB (msgstore.db) and the backup DB (msgstore.db.crypt15):

• Active records in chatroom

• Deleted records in chatroom (In backup files, some deleted record may not be available.)

The original DB and backup DB have the same structure, with similar retention period and available information. Both active records and deleted records from the original DB can be found in the backup files. However, some deleted records may not be available for analysis as they are automatically cleaned up by the system during the backup process.

Target Available Information Backup storage period End-to-End Encryption
msgstore.db Chatroom and message data Same
msgstore.db.crypt15 Active and deleted records in msgstore.db (Some deleted records may not be found.) O

Summary

  1. WhatsApp backup DB files are stored in the media area, so you can utilize the backup feature to extract WhatsApp data alongside the Full Filesystem and ADB extraction methods.
  2. The ‘End-to-end encrypted backup’ feature generates a backup DB encrypted in .crypt15 format. You can use the 64 keys generated during the backup process to decrypt these files.
  3. You can analyze active and deleted records of the original DB (msgstore.db) in the end-to-end encrypted backup (msgstore.db.crypt15). However, some deleted records may not be available for analysis if they were cleaned up during the backup process.

Appendix

How to Create Multi-Account

  1. Select three-dot menu icon > ‘Settings’ > ‘Account’ > ‘Add account’.

  1. Select [Agree and continue], then enter a different phone number.

  1. Enter the verification code sent via SMS or call, then complete your profile setup.

How to Switch Account

Select three-dot menu icon > ‘Switch accounts’ to switch between accounts. This option is available only when multiple accounts are registered.

For more details, visit the official WhatsApp website.

 

GMDSOFT Secures U.S. Patent for Digital Forensic Video Recovery Technology, Accelerating North American Market Expansion

GMDSOFT, a leading digital forensics company, announced it has been granted a U.S. patent from the U.S. Patent and Trademark Office (USPTO) for its next-generation video-based forensic technology. The registered patent, titled “DIGITAL FORENSIC APPARATUS FOR SEARCHING RECOVERY TARGET AREA FOR LARGE-CAPACITY VIDEO EVIDENCE USING TIME MAP AND METHOD OF OPERATING THE SAME” (Patent No : US 12387492 B2), represents a significant milestone in the company’s global expansion strategy.

With the recent increase in crime and accidents, investigators are overwhelmed by the sheer volume of digital evidence from devices like CCTVs and dashcams. Traditional methods of manually reviewing millions of frames are not only time-consuming and inefficient but also often fail to consider the critical temporal factor of an incident, leading to significant delays in case resolution.

To address these challenges, GMDSOFT’s patented technology offers a groundbreaking solution. Using Optical Character Recognition (OCR), it creates a Time Map of video footage. This allows the user to input a specific time, and the technology automatically searches for and recovers the exact corresponding frames. This innovation eliminates the need for investigators to manually sift through hours of footage, providing quick and accurate results.

This proprietary solution developed by GMDSOFT enables rapid analysis of large-capacity video data and precise identification of recovery targets. The system visually displays scenes from specific timestamps using a ‘time map,’ streamlining the investigation process by eliminating manual review of lengthy footage. This breakthrough technology is integrated into GMDSOFT’s AI-based video forensic solution, MD-VIDEO AI, and is currently being utilized in various investigative scenarios worldwide.

Securing this U.S. patent validates GMDSOFT’s technological leadership in the world’s largest market. In South Korea, GMDSOFT already holds more than 14 patents for core technologies, including embedded video data processing and digital forensic data collection devices and methods. With this new patent, GMDSOFT is launching its full-scale entry into the North American market. The MD-VIDEO AI solution, which incorporates this patented technology, is already seeing increased adoption in the U.S. and is expanding its use among local investigative agencies, military, and public institutions. Furthermore, GMDSOFT is accelerating its market penetration through a partnership with the International Association of Computer Investigative Specialists (IACIS), where it provides regular training programs for local professionals.

CEO Kim Hyun-soo stated, “Following our success with over $5 million in sales of MD-Video across 20 countries, this U.S. patent is a testament to GMDSOFT’s unique video recovery technology and further strengthens our market position. Based on this patented innovation, we will continue to enhance the performance of our entire MD-Series product lineup, including MD-VIDEO AI, and solidify our position as a technology-driven leader in the global forensics market.”

GMDSOFT plans to continue developing next-generation AI-based forensic technologies and expanding strategic partnerships in key markets like the U.S. and Europe to enhance its international presence.

 

Revolutionizing Digital Investigation: MD-RED v4 Media Intelligence Feature

The digital forensics landscape is evolving rapidly, with investigators facing unprecedented volumes of multimedia data. Today, we’re excited to introduce MD-RED v4’s groundbreaking Media Intelligence capability – a game-changing AI-powered solution that transforms how professionals analyze and extract insights from complex media datasets. 

 

The Challenge: Multimedia Overload in Digital Investigation 

Modern digital investigations involve processing massive amounts of multimedia content – from smartphone images and videos to audio recordings and documents. Traditional manual analysis methods are time-consuming, prone to human error, and often miss critical evidence hidden within the data. Investigators need intelligent tools that can quickly identify, categorize, and extract meaningful information from vast digital archives. 

 

Introducing media Intelligence: AI-Powered Media Analysis 

MD-RED v4 media intelligence feature leverages advanced artificial intelligence to automatically analyze multimedia content with unprecedented speed and accuracy. This innovative capability is divided into two core components: Image and Language Analysis, each designed to uncover critical information that might otherwise remain hidden. 

Image Analysis 

• Advanced Object Detection : Automatically identifies and categorizes over 80 different object types, including weapons, vehicles, persons, and other critical items relevant to investigations. This comprehensive object recognition capability ensures that no visual element goes unnoticed, providing investigators with immediate insights into the content of their image datasets. 

• Intelligent Face Analysis : Face clustering and recognition technologies enable investigators to quickly identify and group similar faces across multiple images. This feature is particularly valuable for tracking individuals across different media files and building comprehensive profiles based on visual evidence. 

Language Analysis 

• Speech-to-Text Conversion : Advanced Speech-to-Text (STT) technology converts spoken content from recordings and video files into searchable text. This transformation makes every conversation, interview, or audio note discoverable through text-based searches, dramatically expanding the scope of investigative analysis. 

• Optical Character Recognition (OCR) : Documents, screenshots, and text within images are automatically processed and converted to searchable text. This capability allows investigators to find specific information within visual content, making previously inaccessible data immediately searchable and analyzable. 

• Comprehensive Content Indexing : All extracted text and audio content is automatically indexed and made searchable, creating a comprehensive database of multimedia intelligence that can be queried instantly. 

 

Key Advantages of Multi Intelligence 

• Unprecedented Speed : What once took hours or days of manual analysis can now be completed in minutes. Multi Intelligence processes massive media volumes with lightning speed, allowing investigators to focus on analysis rather than data preparation. 

• Enhanced Accuracy : AI-driven precision significantly reduces human error while ensuring consistent analysis standards across all media files. The system’s ability to detect patterns and anomalies surpasses traditional manual methods. 

• Comprehensive Coverage : No detail is too small for Multi Intelligence. From tiny text in background images to subtle audio cues in recordings, the system captures and analyzes every piece of potentially relevant information. 

• Streamlined Workflow : The feature includes slideshow-style media review capabilities and intelligent file categorization based on path labels such as hidden files, recycle bin contents, and cache data. This organization enables faster exploration of applications and system information. 

 

Real-World Impact 

Media Intelligence transforms raw multimedia data into actionable intelligence, ensuring that investigators never miss crucial evidence. Whether analyzing smartphone extractions, computer forensics cases, or large-scale digital investigations, Media Intelligence feature provides the comprehensive analysis capabilities modern investigations demand. 

MD-RED’s ability to simultaneously process visual and audio content creates a complete picture of digital evidence, enabling investigators to build stronger cases and uncover connections that might otherwise remain hidden. 

 

Looking Forward 

As digital investigations become increasingly complex, tools like MD-RED v4 become essential for maintaining investigative effectiveness. By combining cutting-edge AI technology with practical forensics workflows, we’re not just keeping pace with evolving challenges – we’re staying ahead of them. 

MD-RED v4 with Media Intelligence represents the future of digital forensics, where artificial intelligence amplifies human expertise to deliver unprecedented investigative capabilities. 

MD-RED v4 is coming soon. Stay tuned for more updates on this revolutionary advancement in digital forensics technology. 

 

Breaking Digital Barriers: Galaxy S25 & Z Flip Fully supported

Comprehensive Data Extraction for Critical Investigations 

MD-NEXT introduces Full Filesystem (FFS) extraction capabilities for the latest Samsung Galaxy devices of Android 16, including the Samsung Galaxy S25 and Samsung Galaxy Z Flip. This breakthrough enables forensic professionals to conduct thorough investigations with unprecedented access to critical digital evidence. 

 

Technical Capabilities 

MD-NEXT FFS extraction provides comprehensive data access, ensuring complete recovery of system files, application data, deleted content, and forensic artifacts that conventional partial extraction methods cannot retrieve. MD-NEXT’s advanced architecture supports seamless integration with industry-leading System-on-Chip (SoC) platforms, including Qualcomm ,Exynos, MTK and UNISOC chipsets. 

Our development team maintains continuous compatibility updates, ensuring immediate support for emerging flagship devices upon market release. This proactive approach eliminates investigative delays caused by unsupported models. 

Core Technical Advantages

Universal Device Compatibility : MD-NEXT supports comprehensive data extraction across diverse device categories including smartphones, feature phones, IoT devices, smart televisions, unmanned aerial vehicles, cloud services, providing a unified solution for multi-platform investigations. 

Extensive Operating System Support : Our platform maintains compatibility with over 15,000 device models across multiple operating systems including Android, iOS, HarmonyOS, Windows, Tizen, KaiOS and more. 

Advanced Physical Extraction Methods : MD-NEXT employs multiple extraction vectors including Bootloader manipulation, AnyLock Bypass protocols, ADB Pro (T1-T5) advanced debugging protocols, Fastboot interface utilization, JTAG boundary scan testing, and chip-off memory analysis for maximum data recovery potential. 

Next-Generation Hardware Integration : Our proprietary MD-PLUG hardware platform delivers full filesystem access through both generic extraction methods and exclusive hardware-accelerated acquisition protocols, ensuring optimal performance and data integrity for mission-critical investigations. 

Evolving Logical Extraction  : ADB Backup, iOS Backup, Manufacturers’ backup protocol, App Downgrade, App Backup, App Plus and next thing by evolving new logical extraction technology. 

 

Professional Implementation

MD-NEXT represents a comprehensive mobile forensic solution designed for law enforcement agencies, corporate security teams, and digital investigation professionals requiring reliable, court-admissible evidence extraction from modern mobile devices. 

Contact our sales team to request a demo of MD-NEXT in your forensic investigation and discover how our advanced capabilities can expand the scope of your investigations.

 

GMDSOFT Achieves KOLAS Accredited Testing Laboratory Across All Three Core Digital Forensics Domains

First Private Company in Korea to Receive Comprehensive Digital Forensics Testing Institution Recognition  

GMDSOFT, a leading digital forensics specialist, announced its groundbreaking achievement as the first private company in Korea to receive Korea Laboratory Accreditation Scheme (KOLAS) accreditation across all three fundamental digital forensics disciplines: Disk Forensics, Mobile Forensics, and Physical Recovery Forensics. 

This milestone represents a significant advancement in Korea’s digital forensics landscape, particularly in Physical Recovery Forensics—a highly specialized field involving data recovery from severely damaged devices where conventional restoration methods prove ineffective. GMDSOFT’s recognition in this domain marks the first time a Korean private sector entity has achieved KOLAS accreditation in this critical area. 

 

Rigorous International Standards Compliance 

The accreditation process requires GMDSOFT to demonstrate compliance with ISO/IEC 17025 international standards through comprehensive KOLAS evaluation. ISO/IEC 17025 serves as the definitive benchmark for establishing credibility and reliability in forensic products and services, ensuring that testing results meet the highest international standards for accuracy and dependability. 

 

Proprietary Technology Excellence 

Central to achieving this accreditation were GMDSOFT’s proprietary forensic solutions MD-NEXT and MD-RED, representing advanced mobile data acquisition and comprehensive analysis platforms respectively. These cutting-edge technologies demonstrated the company’s technical innovation and analytical capabilities, establishing new benchmarks for digital evidence processing and analysis within Korea’s forensic community. 

 

Strategic Market Expansion and Global Leadership 

This KOLAS accreditation serves as a strategic foundation for GMDSOFT’s comprehensive market expansion strategy. Domestically, the recognition grants the company authorization to directly issue forensic test certificates, enabling enhanced collaboration with both public institutions—including law enforcement agencies, audit organizations, and courts—as well as private legal entities such as law firms. This capability extends to diverse litigation applications, encompassing corporate internal investigations, data deletion verification, and file tampering analysis. 

Internationally, this accreditation positions GMDSOFT to earn trust and credibility in global markets, particularly facilitating full-scale entry into North American and European markets where ISO/IEC 17025 certification is mandatory for forensic service providers. By providing test results that comply with international standards across varied legal proceedings, GMDSOFT is positioned to significantly enhance both the acceptance rate and credibility of digital evidence in digital forensics services and solutions. The accreditation thus enables the company to deliver authoritative forensic documentation that meets the rigorous evidentiary standards required in contemporary legal environments, both domestically and internationally. 

 

Innovation and Future Development 

Building upon this accreditation milestone, GMDSOFT is accelerating development of AI-based next-generation forensic technologies. This strategic focus positions the company to emerge as a global leader in digital forensics, combining established expertise with cutting-edge artificial intelligence capabilities to address evolving challenges in digital evidence analysis. 

 

🇵🇹 PORTUGUÊS

A GMDSOFT tornou-se a primeira empresa privada da Coreia a alcançar o status de Laboratório de Ensaios Credenciado KOLAS em todas as três áreas fundamentais da perícia digital: 

Perícia de DiscoPerícia MobilePerícia de Recuperação Física – Tecnologia avançada para recuperação de dados de dispositivos severamente danificados onde métodos convencionais falham. 

O que isso significa: Através da avaliação pelos padrões internacionais ISO/IEC 17025, obtivemos reconhecimento oficial como Laboratório de Ensaios de Perícia Digital Credenciado KOLAS. Este padrão abrangente avalia sistemas de gestão da qualidade, competência técnica, ambientes analíticos e instalações do centro pericial—critério fundamental para garantir a confiabilidade dos serviços periciais. 

Nossas soluções proprietárias MD-NEXT e MD-RED foram instrumentais para alcançar este marco, demonstrando nossa excelência técnica e capacidades de inovação. 

Este reconhecimento como Laboratório de Ensaios Credenciado KOLAS nos posiciona para ingressar plenamente nos mercados norte-americano e europeu onde a certificação ISO/IEC 17025 é obrigatória. Estamos acelerando o desenvolvimento de tecnologia pericial de próxima geração baseada em IA para emergir como líder global em perícia digital, melhorando significativamente a aceitabilidade e credibilidade das evidências digitais nos serviços e soluções de perícia digital mundialmente. 

 

🇯🇵 日本語

GMDSOFTは、韓国の民間企業として初めて、デジタル・フォレンジックの主要3分野すべてにおいてKOLAS認定試験機関の地位を獲得いたしました: 

ディスク・フォレンジックモバイル・フォレンジック物理復旧フォレンジック – 従来手法では対応困難な重度損傷機器からのデータ復旧を可能とする先進技術 

認定の意義: ISO/IEC 17025国際標準に基づく評価を通じて、KOLAS認定デジタル・フォレンジック試験機関として正式認定を取得。この包括的基準では、品質管理システム、技術的適格性、分析環境、フォレンジック・センター設備など、フォレンジック・サービスの信頼性確保に不可欠な要件が厳格に審査されます。 

弊社独自開発のソリューション「MD-NEXT」および「MD-RED」が本認定取得の原動力となり、当社の技術的卓越性と革新力を実証いたしました。 

このKOLAS認定試験機関としての認定により、ISO/IEC 17025認証が必須要件となる北米・欧州市場への本格参入が可能となります。AI基盤の次世代フォレンジック技術開発を加速し、デジタル・フォレンジック分野のグローバル・リーダーとしての地位確立を目指すとともに、世界各国におけるデジタル・フォレンジック・サービスおよびソリューションのデジタル証拠採用性と信頼性の大幅向上に貢献してまいります。 


GMDSOFT Tech Letter Vol13.Smart Ring Artifact Analysis: Oura

In a recent burglary case that made headlines, a suspect confidently claimed he was “fast asleep” during the crime. His defense seemed solid until investigators examined his Oura ring data. The biometric evidence painted a different picture entirely: no sleep patterns were recorded, his heart rate was elevated, and movement tracking data completely dismantled his carefully constructed alibi. 

This case represents a pivotal moment in digital forensics—where wearable technology transforms from personal health tracking into powerful investigative tools. 

 

The Current State of Digital Forensics: Racing Against Time 

Traditional forensic investigations have long depended on physical evidence and witness testimony to build cases. While these methods remain fundamental, today’s digital investigators face unprecedented challenges. As criminals become more technologically sophisticated and traditional evidence becomes increasingly scarce, forensic teams find themselves in a constant race against time to uncover that crucial piece of proof that can make or break a case. 

 

The Hidden Goldmine: Biometric Data from Wearable Devices 

Enter the era of ubiquitous wearable technology. Smart rings, fitness trackers, and smartwatches are silently collecting an unprecedented amount of biometric data around the clock. These devices meticulously record: 

• Sleep patterns and quality metrics 

• Heart rate variability throughout the day 

• Body temperature fluctuations 

• Detailed movement and activity tracking 

What makes this data particularly valuable for forensic investigations is its precision and continuity. Unlike smartphones that can be turned off or left behind, wearable devices are typically worn 24/7, creating an uninterrupted timeline of physiological responses that offer crucial insight into a person’s physical state and movements. 

This isn’t merely fitness data anymore—it’s becoming one of the most reliable digital witnesses in modern criminal investigations. 

 

MD-RED: Your Solution for Biometric Forensic Analysis 

At GMDSOFT, we recognized this growing need in the forensic community. Our MD-RED platform can analyze the biometric goldmine that wearable devices provide. Whether you’re dealing with Oura rings or other wearable technology, MD-RED unlocks the data that solves cases. 

Tech Letter Vol.13 provides an in-depth exploration of analyzing biometric data recorded by Oura smart rings. This comprehensive guide offers the detailed technical insights you need to understand and implement biometric forensic analysis in your investigations. Interested in learning more about biometric forensic analysis and MD-RED’s capabilities? Request our Tech Letter Vol.13 to dive deeper into this cutting-edge field. 

 


2025 MD-Series Q2 Release Note Highlights

Advancing Digital Forensics Through Continuous Innovation 

As the volume of mobile device evidence continues to escalate in modern investigations, GMDSOFT remains committed to delivering comprehensive solutions that address the evolving challenges faced by digital forensics professionals worldwide. Our Q2 2024 release demonstrates our ongoing dedication to expanding device compatibility, enhancing extraction methods, and providing global language support to meet the diverse needs of law enforcement and forensic investigators. 

 

📱 MD NEXT 

• Supports New Phones – 37 Manufacturers, 330 New models 

• Support new Extraction Method using MD-PLUG (Android Live Pro)
: For 449 models including Samsung Galaxy S22~S24 Series, Z Flip 4~6 Series, Z Fold 4~6 Series  

• Support new Extraction Method within Android Live (App Backup)
: WhatsApp and WhatsApp Business 

• 5 new languages added: Indonesian, Spanish, French, Thai, Portuguese 

📤 MD-RED 

• Supports New Apps – 5 Android Apps, 3 iOS Apps 

• Updated Apps – 27 Android Apps, 25 iOS Apps 

• Support for analyzing Keystore files extracted by UFED tools 

👮🏻‍♀️ MD-LIVE 

• Added new languages: Russian(русский), Arabic(العربية)  

• Supports Zangi Private Messenger application in App downgrade 

☁️ MD-CLOUD 

• Added new languages: Indonesian (Bahasa Indonesia)  

• Improved extraction stability for Facebook, Google, and iCloud 

🚁 MD-DRONE  

• Added new models manufactured by Mateksys and SpeedyBee 

🎥 MD-VIDEO AI 

• ‘Number Plate Restoration’ covering 3 countries + 14 States of USA   

• ‘Multi-Input Number Plate Restoration’ covering 2 countries 

 

For comprehensive technical specifications, detailed release notes, and implementation guidance, please contact our sales team. Our experts are available to provide consultation on MD-Series integration and optimization for your specific forensic requirements. 

 


The future of mobile device evidence analysis- MD-RED v4 Coming soon

After extensive research and invaluable feedback from our MD-RED v3, we’re thrilled to announce that MD-RED v4 is launching soon – and it’s a complete game-changer. 

 

What Makes MD-RED v4 Extraordinary? 

Lightning-Fast Performance: Process massive datasets with unprecedented speed and reliability

🧠 AI-Powered Intelligence: Advanced media analysis with cutting-edge AI models that think ahead

🎯 Intuitive Discovery: Find exactly what you need with smart search and filtering capabilities  

Built for the Challenges of Tomorrow : As digital evidence becomes more complex and data volumes explode, traditional tools simply can’t keep up. MD-RED v4 doesn’t just solve today’s problems – it anticipates tomorrow’s needs. 

 

Key Breakthrough Features: 

• AI-Enhanced Media Intelligence: Leverage machine learning for smarter evidence discovery 

• Real-Time Multi-Window Integration: Synchronized analysis across multiple windows for maximum efficiency  

• Optimized Analysis Architecture: Faster performance with fewer errors through enhanced structural design 

• Advanced Synchronization: Effortless data selection across multiple analysis streams 

• New advanced analysis features: PC Messenger analysis, Malware detection, Speech-To-Text, Machine translation, CDR analysis 

 

Ready to Transform Your Digital Forensics Process? 

MD-RED v4 represents years of innovation, user feedback, and technical excellence rolled into one powerful platform. This isn’t just an upgrade – it’s a complete reimagining of what digital evidence analysis can be.  Stay tuned for the official launch and feel free to reach out to us for more information!