Tech Letter vol 2. Telegram Messages on Device Missing in Analysis Results

In an era where digital communication is ever-expanding, Telegram stands out with its impressive growth, boasting over 900 million monthly active users (MAU) worldwide. This figure marks an astonishing 80% increase in global users from 2021 to 2024. However, as Telegram’s popularity rises, so does its exploitation in various criminal activities. Recent trends reveal a troubling escalation in crimes facilitated through the platform: 
 
  • Cryptocurrency Scams: The anonymity provided by Telegram is being leveraged by fraudsters to carry out sophisticated cryptocurrency scams, deceiving countless victims globally.
  • Drug Trafficking: Covert drug trafficking networks are increasingly utilizing Telegram for their operations, making it harder for law enforcement to track and intercept illegal transactions.

These rising issues underscore the urgent need for effective digital forensic technologies on Telegram. Understanding the intricacies of how Telegram stores messages on devices is crucial for digital forensics experts, law enforcement agencies, and cybersecurity professionals striving to combat these crimes. 

 

Inside the GMDSOFT Tech Letter 

In this month’s GMDSOFT Tech Letter, we delve deep into the technical aspects of Telegram’s message storage. Our comprehensive guide offers a blend of practical application, illustrated through real-world case studies and examples.  

This essential read is designed for anyone involved in digital investigations or interested in messaging app security. Whether you are a digital forensics expert, a law enforcement professional, or a cybersecurity enthusiast, our detailed exploration offers the knowledge and tools needed to tackle Telegram-related crimes effectively. 

 

Conclusion 

As Telegram continues to grow, so do the complexities of its misuse. Staying informed and equipped with the right forensic techniques is more important than ever.  

For a deeper dive into Telegram’s message investigations and mobile forensics, submit an inquiry to request the full version of the GMDSOFT Tech Letter.

Tech Letter vol 1. Android Camera Log Analysis

Overview

Camera logs are essential forensic tools as they document camera operations and activities. These logs include details like the camera mode used and timestamps, which can help investigators understand user behavior and potentially uncover illegal activities. 

This June, GMDSOFT Tech Letter brings you an exclusive guide on how to uncover photo history from Android camera logs. Learn how to analyze camera app logs to deduce user behavior and uncover critical clues related to illegal activities. 

 

Summary

1️⃣ Timestamps of when photos were taken and the camera modes used are recorded in both database files and text files.

2️⃣ Camera logs in the database files are deleted after 3 months. 

3️⃣ More camera information can be retrieved from text files. 

 

Conclusion

Camera logs from Samsung devices running Android 11, 12, and 13 offer valuable insights into camera usage and can aid significantly in forensic investigations. For detailed guidance on retrieving and analyzing these logs, click the button below to request the full Tech Letter. 

Mobile Forensic Investigation for Cyber Incident

With the growing number of voice phishing incidents, mobile forensic investigators need to be equipped with specialized knowledge and tools to effectively investigate these cases.

As such, staying up-to-date with the latest trends and techniques in mobile forensic investigation is crucial for investigators to successfully handle cyber incidents.

 

 

Our new tech report showcases how investigators can use MD-Series to obtain verifiable results and collect information from mobile devices that were involved in security incidents.

Malicious applications can be installed on mobile devices without the user’s knowledge, and such applications can steal personal information or manipulate the device as intended by the attacker.

In such cases, traces of the incident can be found in the application installation and execution results, system logs of the device, and download history of the files.

 

 

Be sure to check it out to stay informed on the latest developments in mobile forensic investigation.

 

Submit your inquiry to get the full version of the tech report!

Deep dive into “Metadata”

Metadata: EXIF

 

Metadata describes the content of data. Metadata may be modified or deleted when sending files to an application or uploading files to a website. Metadata is used to sort and search data quickly, but it also serves as an essential artifact to trace users’ behaviors from a digital forensic perspective.

 

We will use MD-RED to analyze EXIF, which contains information about the camera maker, camera model, software (build version and iOS version), original and metadata-changed times, and the location where a photo was taken.

 

This whitepaper will help you to understand the concept of Metadata and the structure of how data is stored in EXIF.

 

Contents

  1. About Metadata
  2. The Structure of EXIF and Analysis
  3. EXIF Location in File
  4. MD-RED Analysis Results
  5. Conclusion
  6. Appendix

If you want to learn more about Metadata, leave your inquiry on the whitepaper.

 

Whitepaper – Finding Important Artifacts in Recycle Bin(iOS/Android)

The Recycle Bin can become an important clue to the case. It might provide a trace of an attempt to hide or conceal a clue. This whitepaper focuses on research into deleted files from various types of apps in iOS and Android. It will help you to understand the Recycle Bin and how the analysis results vary by app, device, and OS environment. With knowledge of the Recycle Bin, you can go one step further to discover meaningful data!

 

 

Contents

 

  1. Introduction – What is Recycle Bin?
  2. Case Study – iOS (Save Path, Analysis result) – Apps: Photos, Notes, Voice Memos, Files
  3. Case Study – Android (Save Path, Analysis result) – Apps: Gallery, Voice Recorder, My Files, Contacts, Samsung Notes, Messages
  4. Conclusion
  5. Appendix

Download Whitepaper – Recycle Bin(Preview version)

 

 

If you want to read the full version of the report, submit your inquiry!

Whitepaper – Data extraction and analysis of Samsung Secure Folder


 

Secure Folder is a separate storage space within the device, protected by ‘Knox’—a security technology of Samsung.

By keeping sensitive data, personal content, and apps in Secure Folder, users can protect their personal data from being unintentionally exposed by external factors (e.g., attacks from malicious apps).

 

This whitepaper deals with data extraction and analysis of Samsung Secure Folder. Learn the MD-NEXT extraction methods for Samsung Secure Folder, which vary with the model, OS version, and security patch level. Find out how you can discover meaningful data from the results analyzed by MD-RED.

White paper – ‘Factory Reset (iOS, Android)’

In this whitepaper, you can find the definition of Factory Reset, how its method differs by OS and device environment, why mobile forensic investigators should understand the significance of Factory Reset, and how MD-RED analyzes the Factory Reset log.

This is the preview version of the white paper. If you want the full version, please contact our team.

sales@gmdsoft.com

 

White Paper – How MD-RED recovers and decrypts WhatsApp data

This white paper provides a technical explanation of WhatsApp’s encryption system, the major features of WhatsApp that need advanced research, and how that data can be recovered/decrypted and viewed by MD-RED.

If you want the full version of our research on WhatsApp, send us your inquiry!

Preview – WhatsApp White Paper