3 Reasons why you should always update WhatsApp

In this digital age, time is important, so most people want to satisfy most of their needs in just one click… More and more messengers are becoming popular, but WhatsApp still remains especially popular, which is why hackers keep their sights on it.

Here are some of the vulnerabilities in the WhatsApp application…

> Did you know that it is possible to gain access to an individual’s messages because of vulnerability in the WhatsApp protocol?

> Hackers can a gain access to a user’s cell phone by using a vulnerability that is triggered when a video call is answered.

> There is vulnerability with the two-factor authentication on WhatsApp. If a user switches off their phone at night, the password recovery system can be made to call and name the code, this code can be accessed using voicemail since most passwords are still weak.

To avoid becoming the next victim, always keep your WhatsApp updated! Has your phone been hacked? Please contact us immediately at TCG Digital Forensics in Cape Town and Centurion – give us a call on 021 110 0422 or email contact@tcgforensics.co.za

The Importance of a Strong Password

Too many people come to us in a frenzy complaining that either their data has been lost or stolen OR they simply cannot remember their password. When you don’t have a password you cant access or protect your files, on the other hand even if you do have a password you need to ensure it is 100% foolproof so you don’t end up being the victim!

DLA offers password recovery services for businesses and personal computer users, using only the latest technologies to achieve the password recovery results you need. Our forensic recovery service includes recovering passwords from zipped files, word documents, excel files and of course logon profiles on computers.

We are able to access what cannot be seen using the latest forensic technology. Using state of the art cellular forensics tools we are also able to bypass 98% of device passwords to read the device directly without needing to know the handsets logon or password. 

We can also perform cellular forensics as well as data recovery from laptops, computers, cell phones and media devices such as tablets.

Do not hesitate to contact DLA for professional and affordable services in Cape Town and the surrounding areas!

When the Trill of a Cell phone Brings the Clang of Prison Doors

It was a crucial moment in 2007 during the trial of Paul Cortez, an actor and yoga teacher who was ultimately convicted of killing his former girlfriend Catherine Woods, a dancer who was working as a stripper.

After weeks of testimony and a parade of witnesses, the case against Mr. Cortez boiled down to this: a bloody fingerprint and data collected from a cell phone.

A record from a T-Mobile cell phone transmission tower on the day Ms. Woods was murdered showed that Mr. Cortez called her 13 times in the hour and a half before her death, and then never again. He had told the police in a written statement that he made the calls from his home.

But as he called, the record showed his cell signal hitting a tower near his apartment, and gradually shifting to towers near Ms. Woods’s apartment. At trial, when the prosecutor questioned him about the discrepancy, Mr. Cortez changed course, saying he had made some of the calls from a Starbucks.

Examining cell phone data is a technique that has moved from being a masterful surprise in trials to being a standard tool in the investigative arsenal of the police and prosecutors, with records routinely provided by cell phone companies in response to subpoenas. 

Its use in prosecutions is often challenged, for privacy reasons and for technical reasons, especially when the data comes during the morning or evening rush, when circuits are crowded and calls can be redirected to other towers. But it is often allowed and is used by both prosecutors and defence attorneys to buttress their cases.

DLA combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies for the best results.

We may never know how the FBI unlocked the shooter’s iPhone

We know now that the FBI was able to gain access to an iPhone 5C belonging to the San Bernardino shooter thanks to an outside security firm. What we don’t know is how it was done or even who did it. We may never know, thanks to the nature of the agreement between the FBI and the unnamed firm.

The government has what is known as the Vulnerabilities Equities Process, which is used to evaluate whether security flaws known by the government should be disclosed so they can be fixed. In this case, the exploit used to bypass the PIN lock on the shooter’s iPhone 5C is considered proprietary information by the company. Meaning, it’s not a publicly available exploit. It was either discovered by the firm, or more likely purchased from whoever uncovered it in the first place.

Having exclusive knowledge of an exploit allows a company to build a tool for bypassing security features, a hot commodity in law enforcement. These undisclosed exploits can sell for thousands, or even millions of dollars. For its part, the FBI probably couldn’t disclose the specifics of the hack even if it was permitted — it doesn’t know anything about the process.

Apple has said it would be interested in fixing the exploit, but it’s unlikely it affects newer iOS devices with hardware security features. The FBI isn’t likely to do Apple any favors even if it did have specifics. After getting a court order compelling Apple to assist with unlocking the phone, the company decided to fight it out in the courts. Virtually all tech firms rallied behind Apple, and the FBI eventually dropped the case and sought outside help. And the end result?Nothing significant has been found on the iPhone.

Digital and cellular forensics is much more than you may think. It requires a thorough understanding of investigative process, the law of evidence and of naturally the appropriate background to criminal and civil investigations. The forensic experts at DLA will follow the electronic trail to find the evidence that you need.

Israeli mobile forensics firm helping FBI unlock seized iPhone

The mobile forensics firm Cellebrite of Israel is reportedly assisting the Federal Bureau of Investigation in unlocking a seized iPhone that has become the center of a legal dispute between the bureau and Apple.

The revelation comes two days after the US government tentatively withdrew its demands that Apple write code and assist the authorities to unlock a seized iPhone used by one of the San Bernardino County shooters. The FBI told a federal judge that an "outside party demonstrated to the FBI a possible method for unlocking (Syed) Farook's iPhone." A federal magistrate then tentatively stayed her order demanding that Apple assist the authorities in unlocking the phone.

That same day, according to public records, the FBI committed to a $15 278 "action obligation" with Cellebrite. An "action obligation" is the lowest amount the government has agreed to pay. No other details of the contract were available, and the Justice Department declined comment. Cellebrite, however, has reportedly assisted US authorities in accessing an iPhone.

For now, US-based security experts believe that Cellebrite does have the wherewithal to perform the task.

"I'm really not at liberty to confirm the third party, but based on the techniques I've described in my blog on the subject, I think Cellebrite, as well as many large forensics firms like it, have the capability to perform such tasks," forensic scientist Jonathan Zdziarski told Ars in an e-mail. "DriveSavers, for example, has released statements yesterday suggesting they're almost there. I think the techniques are pretty straight forward for firms like these now that the tech community has had a chance to comment."

DLA is based in Cape Town and combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies to achieve the results that you require - contact DLA today!

The demand for mobile forensics is continuously growing

Every day, more and more people are using smartphones. The amount of data which is wirelessly transmitted continues to increase at an impressive rate. According to the results of a survey there has been a huge increase in the number of active smartphones since 2011.

If you think about what our cell phones are today, they’ve actually moved away from simple cell phones and evolved into smartphones which are tiny, powerful computers that people are walking around with every day.

Digital forensic experts from DLA say that the value is not just in the cell phone call history and text messages. It’s about the ability to Google search whatever you want and have information at your fingertips. Cell phones have become diaries of people’s lives.

As digital detectives, DLA is trying to find out what was happening in somebody’s life, to whom they were talking, what the contents of those conversations were, and how they relate to the crime being investigated. This is indispensable evidence that can never be overlooked.

Mobile forensics examiners describe how there is probably more probative information found on a mobile device per byte examined than on computers. 

What is “Cellular Forensics” anyway?

So, what exactly is Cellular Forensics anyway? Well, forensics means “tests and techniques used in connection with the detection of crime.” Cellular? Every ones knows that deals with mobile phones and their technology.

Cellular forensics can also be referred to as Mobile forensics. So, when someone says Cellular forensics there are describing “the utilization of technology (software, hardware, techniques) that enables an examiner to secure, acquire, document and present the data found in a mobile phone.”

What good is Cellular Forensics? As some people say – you are what you click – and a cell phone tells a bunch about a person. Contacts, WhatsApp messages, Photos, location, SMSs and call history are just a few of the tell-all items in your phone. Imagine an employee sharing company secrets with the competition or a married man messaging his secret lover on WhatsApp… the information on their phone can be very damaging and valuable.

So, is this like your favourite show, CSI Miami? No not really! There is no one piece of hardware or software that can be used for the thousands of models of phones out there. But cellular forensic experts, like the professionals at DLA certainly know how to get their hands on the data on your cellphone that you thought was long gone!

Cellular forensics is like archaeology: you dig and dig using whatever proven tools you can find, and sometimes you crack the nut and other times you come away exhausted with little to show for your efforts.

Cellular Forensics today is not really a brand new field, however as our cell phones get more and more advanced, our methods need to be too.

What to do if a computer in your business contains important evidence

First of all – STOP using the computer or device! Any use of this may damage or taint any evidence present. If the suspected computer is turned off, then leave it off.

If the computer or device is on, do not go through the normal “Shut Down” process… rather call the digital forensic experts first.

Do not allow your internal IT staff to conduct a preliminary investigation.

It is important to recognise that all you have initially is information and data, not actual evidence. Unless your IT staff is certified in computer forensics and trained on evidentiary procedures (very few are), they most likely have not followed other accepted evidence techniques. 

Another thing to keep in mind is that even if proper evidence handling techniques have been used, the collection process itself has most likely changed or altered the data collected. By opening, printing and saving files, the meta-data is changed! Lastly, the simple act of just turning on the computer changes files, caches, which along with the alteration of the meta-data, may have seriously damaged or destroyed any evidence that was present.

Depending on the damage done, a skilled computer forensic specialist may be able to salvage the damaged evidence. This however, can be an arduous and time-consuming process which often costs several times more than it should. However, it is always important to bear in mind that it is not always possible to restore evidence from computers that have been mishandled.

Keep a detailed log of who had access, what was done and where the computer has been stored since the dates in question.

Computer forensics may be an unknown and mysterious discipline to many, but it is easy to avoid the most common mistakes by following the guidelines outlined! Only use certified digital forensic experts, such as the professionals from DLA, contact them today and get the job done right.

Using cellular forensics for internet infidelity and divorce

In today’s world a cellular device has just about replaced the computer. Today, billions of mobile devices are in use worldwide. The growth for cell phones and the growing number of PC-like features being incorporated into their design are fueling the theory that the cellphone will soon become the new laptop.

In any internet infidelity or divorce case, it is very important to review the information contained on the guilty party’s mobile phone, as long as the consent to search is present. Often times when a computer is shared in the home, the cell phone becomes the mechanism of the affair.

Some of the data that can be recovered from a cellular device is:

- Call logs (date, time, phone number, duration of calls)

- SMSs

- WhatsApp messages

- Calendar entries

- Photos 

- Videos

- Emails

- Phone details

- SIM card data

Feel free to contact us at DLA digital and cellular forensics for any further information or assistance on cellular forensics!

What is Forensic Data Recovery?

Forensic data recovery is not magic; in fact it is actually very technical. People always wonder how the forensic experts can conjure up stuff from smartphones, tablets or hard drives that the owners thought were gone. So, how does forensics data recovery work?

Sometimes forensic data recovery is as simple as trying to reconstruct the information on a damaged hard drive, disc or memory card. At other times, it may include the resurrection of data that was thought to be lost or deleted, the bypassing of security systems or the study of a smartphone for traces of certain activity.

Because specialists in forensic data recovery may be working with computers which have been seeded with safety measures to prevent legal investigations, they must use special procedures to avoid compromising or erasing data.

Forensic data recovery is not magic at all. It is highly sophisticated and in order to be admissible in court, must be completed by professionals using complex tools and protocols.

DLA digital and cellular forensics can find the data that you need! DLA knows forensics inside and out, so if you need a professional when it comes to any forensic data recovery - Contact DLA now!  

Mobile Phone Analysis

Mobile devices are becoming increasingly powerful and popular, with people even sometimes carrying more than one. However, their increasing capability provides more opportunity to store and circulate information.

Mobile devices have many different features, like the ability to take photos and videos. When a multimedia file is taken, many devices automatically embed GPS location of the handset at that time. This then allows the location of the user at that exact moment to be established at a later date.

Multiple communication features, such as Bluetooth, WiFi 3G and 4G enable the transfer of information that can even cross international boundaries. Users can browse the internet, send and receive emails, post blogs and even removable media cards can be inserted into the device allowing information to be exchanged.

Depending on the client, the following information can be recovered from a mobile phone:

- SMS
- Email
- Call history
- Photos
- Videos
- WhatsApp history
- Passwords

Mobile devices are similar to computers, but with far more powerful capabilities. The value of the evidence found on a smartphone or any other mobile device must never be overlooked! DLA has the cellular and digital expertise to extract and uncover the evidence you need.

The other side of mobile forensics

Mobile or cellular forensics isn’t just about finding WhatsApp messages, images and recent calls; it can also reveal much more. There’s a whole other side to it, which can include carrier data, call logs, undelivered messages and important data that reveals your exact location at the time of the incident. Matched together with the information saved to your mobile device, and mapped together with street names and landmarks, carrier data can enhance data on your device.

The best thing is, if cellular forensics is being used in an important crime case, they can be used to break the case. However, a lot of investigators overlook this critical evidence.

Most cell towers consist of poles that send and receive signals in three sectors; this makes it easier as it enables them to identify which side of the tower communicated with a cellular device.

Carriers keep detailed call records of these communications for billing purposes, so the data includes information like date, call length, whether a call was inbound, outbound, or went to voicemail.

Tower data reveals whether the device was in motion or stationary. A person dialing from one location will hit the same side of the same tower, but a person on the go will hit different towers and different sides.

In an investigation that uses mobile forensics, carrier data information can be vital. It can be used to place a phone in a certain area at a specific time, identify call patterns, establish timelines and identify suspects. 

DLA is based in Cape Town and combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies to achieve the results that you require. Contact us today today!