January 10, 2014, Singapore
Case: Key logger
Brief: A client suspected that information had been stolen from a laptop, including passwords and confidential data. He suspected that malicious software, a key logger, had been “planted” on his computer by a third party.
Outcome: Using forensic tools, RP-DS forensically imaged the computer, restored the forensic image to a secure environment within RP-DS’ office, and then began an intensive investigation. A commercially available key logger was identified on the machine. The client naturally wanted to know where the data was being sent, but the marketing for the software states that all such information is encrypted using 256-bit AES (US top secret rating).
Using advanced techniques, we were able to “bypass” the encryption, which was considered unbreakable, and revealed not only where the information was being sent (an email address), but also the license key purchased with the software, thereby providing another avenue of investigation.