Computer Forensics and Investigation
Overview
In this assignment, I carried out a complete digital forensic investigation of a student who was under suspicion of planning a theft at a stately home. I utilised Cellebrite forensic tools in investigating the suspect’s smartphone and discovered significant evidence like encrypted messages via the NoClue app, where the suspect was promised 100,000 Bitcoin for the theft of a Picasso painting. Additional examination revealed damning internet searches (e.g., balaclavas, van rentals, and Mirai bot malware) and geolocation data proving two visits to the victim property. The investigation also revealed financial motives, such as searches for student support and a history of financial instability, while cross-referencing Instagram posts and device metadata confirmed the suspect’s identity and previous ownership of the device.
The case prioritised advanced forensic techniques, including hex analysis in the recovery of login credentials to social media platforms, timeline analysis of user actions, and determination of device ownership through activation logs and SIM card records. The evidence reflected clear intent and preparation, which linked the suspect to the theft operation. This project highlights my skills in digital forensics, including data extraction, behavior analysis, and reporting results for legal determination.