Deanonymization of Fraudsters on Telegram
Situation:
Fraudsters on Telegram were threatening the company and its top management by publishing information from a defamatory angle.
Our Solution:
Given that the posts sometimes included details about ongoing projects and future initiatives, it became evident that the perpetrator was either an employee of the company or someone deeply involved in its internal affairs (such as a relative or a contractor). The channel also featured personal data and salary information of senior executives, accompanied by negative commentary.
A technical analysis of the channel, including a review of all published content and metadata of attached files, revealed certain patterns and helped narrow down the pool of potential authors. Notably, one of the images contained geolocation coordinates – just a few dozen meters from the home of a primary suspect.
As a result of the investigation, the individual behind the channel was identified. Further profiling and investigation of this person, his colleagues, and direct manager uncovered the root of an internal conflict that escalated into the leakage of both trade secrets and personal employee data.
Situation:
Fraudsters on Telegram were threatening the company and its top management by publishing information from a defamatory angle.
Our Solution:
Given that the posts sometimes included details about ongoing projects and future initiatives, it became evident that the perpetrator was either an employee of the company or someone deeply involved in its internal affairs (such as a relative or a contractor). The channel also featured personal data and salary information of senior executives, accompanied by negative commentary.
A technical analysis of the channel, including a review of all published content and metadata of attached files, revealed certain patterns and helped narrow down the pool of potential authors. Notably, one of the images contained geolocation coordinates – just a few dozen meters from the home of a primary suspect.
As a result of the investigation, the individual behind the channel was identified. Further profiling and investigation of this person, his colleagues, and direct manager uncovered the root of an internal conflict that escalated into the leakage of both trade secrets and personal employee data.
