What is Snapchat?

Snapchat Header.JPG

So what’s all the fuss about Snapchat?

First launched on 8th July 2011, Snapchat was originally called ‘Picaboo’. The application is a multimedia messaging application and used globally by over 188 million users generally for sharing multimedia. One of the principal original features of Snapchat was to retain pictures and messages for only a brief time before they became irretrievable to their recipients.

Recently the application has changed from not focusing on person-to-person sharing to one presenting users with “Stories” of 24 hours of chronological content. Although only displaying the media for 24 hours, the application is now set by the user, 1 second up to 10 second or not limited.

Fusion have recovered snap chat messages such as; ‘Communicate via Snapchat as the police can’t recover these messages!!’. Demonstrating that users believe the Snapchat messages are irretrievable.

Yes, Snapchats are recoverable forensically…..

Historically users of Snapchat believed that the data was gone for good, thus making the application popular with users who wanted to communicate in a stealthy or secretive manner. Unknown to most, the data was still available for recovery, being held on the handset but not user accessible in a database.

In later versions the data is stored in the cloud and would require a subscriber request to Snap Inc (the software providers of Snapchat).

product.jpg

Snap Sunglasses

Today we are finding that Snapchat multimedia in the form of photos and video clips are being held in a third location that can be easily overlooked! Have you heard of Snap Spectacles? Well if you haven’t, they look like any regular sunglasses but can hold up to 4 GB in storage, up to 150 videos or 3,000 photos.

Fiona Litchfield

Cabbie needs to prove his innocence

Cabbie.jpg

Sometimes we are not always aware what our own Mobile Phone devices are doing! Previously set up settings/ notifications that we have forgotten about are sometimes actually carrying out actions in the background whilst we are going about our day to day business!

Fusion Forensics recently had an enquiry where the police were alleging that a cab driver was using his phone when he had pulled into the taxi rank. The police even produced body cam footage in support of this accusation.

The taxi was in fact stationary and the police did not produce supporting evidence in the form of cell site or extracted handset data clearly showing the activity on the device. Such driving offences should be supported with the aforementioned evidence.

Law enforcement generally investigate volume crime with the lowest possible budget. If the client is genuinely innocent, Fusion can assist in proving such by extracting valuable data from the device which can dispel eye witness testimony. Fusion are one of the few companies in the country that can provide you with this valuable evidence. It is crucial both pieces of evidence are obtained as there may be conflicting information, such as sent text messages and calls take their times from the handset, which maybe be set incorrectly.

Laura Wright

Why investigating malware is becoming so important

Malware.png

There are many reasons behind why malware is appears on user’s computers. One such reason is to have the compromised computer added to a network of similarly infected devices (called a Botnet), rendering each one under the control of a central operator. As is it often the case, this process is achieved without the knowledge of the genuine user, whereupon these computers metaphorically become ‘Zombies’.

The Botnet operator can then rent out the services of the Botnet to underground figures to facilitate mischief or for illegal purposes. Some examples of this include:

• Mass e-mail spamming

• Direct Denial-of-Service (DDoS) attacks to bring down online services

• Pay-per-click fraud

• Information Theft

• To download illegal images and store remotely on the zombie device

Fusion Forensics have assisted clients that have fallen victim to this practice. Recently a client’s computer fell foul of a nightmare scenario when their infected computer was found to be storing indecent images without their knowledge. Following a thorough investigation, Fusion proved the machine was being controlled remotely to store the illegal content, saving the client from the life changing implications of being wrongly prosecuted of a sexual offence.

Software defences to malware are getting better; however the malware technology behind Botnets is fast becoming more advanced with Smartphones, particularly Android devices, coming under increasing threat. Seemingly innocuous apps containing sophisticated malware are now being found within various app stores. Once infected, it becomes very difficult to remove, never mind detect the infection.

Polymorphic Malware, viruses or trojans that constantly change their identifiable characteristics to avoid detection by standard anti-virus software, are now the latest challange. Traditional methods of detection are being evaded; however, advanced tools utilising static artificial intelligence engines are fighting back.

As long as the malware threat exists, there will always be a need to ensure that a thorough investigation to establish what has really happened on a device. If malware is an issue in your case, Fusion Forensics backed by our partner malware experts from Custodian 360, can assist you in getting to the root cause.

Stephen Haslett