Understanding Mobile Forensics - Preview

(...) Today, data is critical to legal investigations, too. As mobile technology develops, most digital data is not only sent but also is stored on mobile devices. Whether it's a smartphone, tablet, or wearable device, almost everyone today owns a mobile device. In terms of data, mobile devices are gold mines. Despite their small size, they collect a huge amount of qualitative and quantitative data that can be used for investigations. Mobile forensics is becoming increasingly important for civil and criminal investigations and court proceedings. In order to create this issue, I invited expert contributors and asked them to share their knowledge. You may read more about the articles in the sections below.
I sincerely hope you enjoy reading this issue. Naturally, we appreciate any and all comments and recommendations. Email me at [email protected] if you would like to.

 

FULL ARTICLE TO READ

iPhone Forensics: checkm8 Extraction
Oleg Afonin
Initially, the developers of the checkm8 exploit claimed the vulnerability was impossible to patch, however, Apple applied a very effective band-aid to the last generation of affected devices running the latest versions of iOS. In this article, we’ll discuss the possibilities opened by the checkm8 exploit, publish a step-by-step guide on using this exploit to extract device data, and talk about the limitations of the approach introduced in iOS 16.

 

>>If you want to buy this magazine click here <<

>>If you are a subscriber, download your magazine here<<

TABLE OF CONTENTS

All You Need to Know About Mobile Forensics
Amber Schroader
A mobile forensics process is where you put the science with the art of creativity required to do the job. The process is the set of steps that you follow with each examination, no matter what type of device you must process.

Analyzing Malware Mobile Apps with VirusTotal Enterprise Online and Kali Linux Locally
Israel Torres
VirusTotal Enterprise (VTE) is a wonderful online tool set and malware database, and has quite a number of useful and needed features; however, many can make do with the various malware databases out there, such as vx-underground, MalwareBazaar, MalShare, tria.ge, VirusShare, InQuest, Hybrid Analysis, ANY.RUN, VirusBay, and even the number of GitHub repositories that can be searched through using Google. In this article, we’ll be hunting mobile malware using VirusTotal Enterprise, and analyzing a mobile malware sample found using the tools in the latest version of Kali Linux.

iPhone Forensics: checkm8 Extraction
Oleg Afonin
Initially, the developers of the checkm8 exploit claimed the vulnerability was impossible to patch, however, Apple applied a very effective band-aid to the last generation of affected devices running the latest versions of iOS. In this article, we’ll discuss the possibilities opened by the checkm8 exploit, publish a step-by-step guide on using this exploit to extract device data, and talk about the limitations of the approach introduced in iOS 16.

Digital Forensics Analysis in DeepFake
Chirath De Alwis
Deepfake technology has the ability to create highly realistic and manipulative videos and images, which poses a significant challenge to digital forensics. As deepfake technology becomes more sophisticated, it becomes increasingly difficult to detect and verify the authenticity of digital media.
In this series, we will examine the technical aspects of deepfake technology and its impact on digital forensics.

Imaging an Android Smartphone Logically
Amber Schroader
There are a variety of imaging techniques available when you work with smartphones. With most acquisitions, we rely on logical acquisition techniques to get our evidence. As this is a well-known technique, it is always good to review logical image processing.

The Challenges of Collecting Evidence
Rhonda Johnson
Mobile devices such as smartphones have operating systems such as Android and iOS that allow for the installation of third-party applications that operate with restrictions of the operating system such as application isolation and other memory demands. This paper will explore the challenges of working with different operating systems while collecting evidence, and explain chipping off, live and postmortem mobile forensic analyses.

Unusual Emails: Investigating
Jeff Minakata
For this article, we will be performing an OSINT investigation on an email that was sent to see what information we can find by verifying parts of the email’s content. This is a scenario based on real email investigations.

A Technical Analysis of Brazilian Electronic Voting Machines
André Ruschel
Electronic voting machines were developed in 1995 and were first used in the 1996 municipal elections.
For some years it has been technically discussed the electronic voting machines system, but when we talk about the system, it is not about the operating system used, but about the technical process adopted.

Interview with Paulo Henrique Pereira
Ewa & eForensics Team
Paulo Henrique Pereira is a CyberSec Professional and Digits3c Founder working on malware analysis. Digits3c is his small intel company that works with models for malware analysis.

 

---

Disclaimer

The eForensics Magazine is an international magazine dedicated to the publication of scientific articles that address different subjects of Digital Forensics. The article's subjects are the responsibility of the authors, as well as the veracity of the facts and analyzes presented. Such matters do not necessarily form the opinion of this magazine.

---