Agape Blog

This article is primarily for the aspirants and investigators of the IT forensic World. It is a fact that the technique of capturing the evidence from the crime site decides the course of an investigation. In order to make this process more effective and reliable keeping the parameters like significances and volatile nature of data in business. Here arises the need of an innovative technology that can be applied to capture “live” evidence on a computer at the scene of an investigation before it is powered down.

This article is written with a purpose to provide you the glance over the efficient software technologies which are especially innovated to craft investigating procedures trouble-free & absolute.

To facilitate & decipher the evidences collection procedure simple, Agape Python, which stands separate from the crowd of others, designed exclusively for law enforcement agencies. It provides fast, easy-to-use, comprehensive, cost effective forensic capabilities which require nominal computer knowledge to apply. It is integrated with number of commands which can considerably minimize the time to collect digital evidence at the crime site. It eliminates the necessity to seize a computer itself, which usually involves disconnecting from a network, potentially losing data. Instead, the investigator can scan for evidence on site. In view of the fact that the network data is so volatile this may be lost in a process of turning off the computer.

It is an all in one software that supports Index Hard Disks on the fly, decrypt passwords and analyze a computer’s Internet activity, as well as data stored in the computer and much more…. with lighting speed.

And all these unique functionalities comes in a light weight, easy to carry, ready to use plug-in USB “thumb drive” to seize the data from the computer that may have been used in crimes without taking into the custody. So Just “PLUG IN & EXTRACT”

Jayesh Bellani
Executive: Fraud Management System
Agape Inc

Agape Inc, India’s first ever cyber forensic company launches Tech Pathways for Indian Market. Technology Pathways is a leading edge provider of computer security tools and services for the Corporate IT, government and legal communities.

This launch will underscore the ongoing commitment of Agape Inc to provide expanded services within its products and services as new security standards and methods evolve.

The ProDiscover® family of security products combines high quality, performance, and ease of use at affordable prices Technology Pathways provides products and services for:
• Incident Response - Quickly investigate and positively determine if any compromises have been made to your systems as the result of an incident – without taking your system out of service.
• System Audits – Effectively audit systems throughout the network to insure that they have not been compromised
• Internal Investigations – Investigate and monitor internal computer systems to insure compliance with the law or corporate policies.
• Computer Forensics – Thoroughly examine all data on a computer system, locate any evidence that is stored on that system and safely preserve that evidence for use in a court of law.
• Digital Discovery – Find and produce evidentiary quality electronic documents for civil proceedings.

For Further Product Information & price information mail us at: michelle[at]agapeinc.in (replace [at] with @).

To log online Cyber Crime Complaint call our Toll Free No. at 1800 209 6789 (For India Only)

Jayesh Bellani
Executive: Fraud Management System

In the world of cyber crime, where evil bytes are fast replacing whizzing bullets. Given the unrestricted number of free Web sites, the Internet is undeniably open to exploitation. Known as cyber crimes, these activities involve the use of computers, the Internet, cyberspace and the World Wide Web. There has also been a rise in crimes by the use of computers where hackers and computer professionals attack the government agencies, corporate offices, etc, and mostly the young people and teens are working as hackers and making use of computer as a weapon.

Many computer users will try to hide their tracks if what they are engaged in, is improper. But the technique used by typical computer user will be obvious to a forensic specialist. Whereas, Hackers and Professional Experts have advance knowledge to hide or even erase the inappropriate content from hard drive in sophisticated way which cannot be retrieve back easily.

For this Platform, Agape, India’s leading Cyber forensic Company has developed a software toolkit that allow you to be more effective and efficient in your hard drive forensic Analysis by providing advanced work environment for computer forensic examiners for less money. This set of tools helps you identify whether or not a targeted computer system was used to access inappropriate information. Compared to its competitors, Agape’s Toolkit is more efficient to use, runs fast, is not as resource-hungry, finds Active files as well as deleted files from unallocated spaces called “Slack” & offer many features that the others lack, and it comes at a fraction of the cost!

Toolkit includes different Software tools, each taking different role in the examination. It runs under Windows 2000/XP/2003/Vista/2008. The suit is incorporated with the write protection software and Hash Algorithm which ensures data integrity and eliminates any chance of data overwriting. Thus, Empowering the evidence that can be used in Court of Law. Suites include.

Text Analyzer enables quick search over hard drives, zip disks and floppy disk for key words or specific patterns of text. Its features include bookmarking and advanced searching which includes multiple words & multiple phrases searching.

Case Catalyst allows reviewing, searching and reporting of data in XML and HTML format and performs indexing of the files. It includes bookmarking and advanced searching features including multiple words & multiple phrases searching. It supports 200+ file formats for different applications.

Email Inspector is comprehensive forensically sound e-mail examination tools available for searching all supported e-mail files from system. It supports almost all e-mail files formats like Outlook e-mails files (.pst, .msg, .eml), Opera e-mail files (.mbs), Eudora, Netscape Messenger, Pegasus Mail, Calypso, FoxMail, .mbx, .pbx, .tbb etc file formats. It extract e-mails from suspect’s system and converts in readable format. Software also supports report making in XML and HTML format.

Net History Analyzer is a forensic software which acquire all internet history on system like Visited url history , cookies history, system’s internet temporary file and all internet pages that is html File saved in system and system bookmark file. Its functions include bookmarking and also support multiple words & phrases searching. Generates reports in XML and HTML.

RegExtractor is used for analyzing Windows registry entries. It finds incorrect or obsolete information in the registry. RegExtractor works with registry files copied from other computers. It contains information and settings for all the hardware, operating system software, most non-operating system software, users, preferences of the PC, etc. Generates Report in XML and HTML Format, Loads Multiple Registries.

For further information on our products and service visit URL: - www.agapeinc.in or E-MAIL us at info[at]agapeinc.in (replace [at] with @) or SMS AGAPE at 54646

The Internet Crime Complaint Center (IC3) which includes the FBI, 2008 Annual Report states that complaints of online crime hit a record high in 2008. IC3 received a total of 275,284 complaints, a 33.1% increase over the previous year. The total dollar loss linked to online fraud was $265 million, about $25 million more than in 2007. The average individual loss amounted to $931.

Where non-delivery of goods topped the rank (32.9%), which was followed by Internet auction fraud (25.5%) and followed by credit/debit card fraud (9.0%).

Of those who complained to the IC3 in 2008, 66% reported internet crime originating in the US, followed by the UK in second place at 11%, Nigeria 7.5%, Canada 3% and China 1.6%.

FBI Cyber Division Assistant Director Shawn Henry said, “”This report illustrates that sophisticated computer fraud schemes continue to flourish as financial data migrates to the Internet. It also underscores the need for continued vigilance on the part of law enforcement, businesses, and the home computer user to be aware of these schemes and employ sound security procedures.””

Agape Inc is now worlds first Cyber Forensic Company to comply with 9001:2008 Standards.
Agape received ISO 9001:2000 certification on 2 May 2008, and transition to 9001: 2008 was achieved on 29 Dec 2008.

ISO 9001 is a quality management standard. It applies to all types
of organizations. It can help both product and service oriented organizations achieve
standards of quality that are recognized and respected throughout the world.

The ISO 9000 family addresses “quality management”. This means Agape fulfills:
• the customer’s quality requirements, and
• applicable regulatory requirements, while aiming to
• enhance customer satisfaction, and
• achieve continual improvement of its performance in pursuit of these objectives.

The image given below shows our certificate.

Once again Microsoft got defaced by means of SQL Injection. Few days ago a defacer known as Agd_Scorp defaced 6 Microsoft websites. Few years ago, Microsoft was the target of the attacks mostly because defacers liked Linux more. Now it is just “for fame”. Also in this case defacer didn’t leave any message.

Recently a group of hackers named as PENTAGUARD had cracked into the government sites of Australia, America and England all at a time. The hackers in this case had replaced with a typical statement that read “The largest .gov & .mil mass defacement in the history of mankind”.

Defacement means the web content hosted on a server has been modified illegally. It need not indicate a full system compromise and is less damaging than cracking, which means the attacker may have access to other files in the system Indian Cyberspace is under tremendous threat of cyber hackers and cyber criminals. As per Computer Emergency Response Team India (CERT-In), which is a referral agency to report computer security incidents in the country, a total of 612 Indian websites have been defaced during March 2008. Commercial sector site are more prone to defacing (85% of total site defacement)in India than government sites.

In the recent past, it is blamed that hackers from India’s two neighboring countries have tried to deface the sites of our government agencies, which are having vital and sensitive security information. In the month of March 2008, 57 security incidents were reported to CERT-In from various national and international agencies. Intelligence agencies of India have taken the incidents very seriously and it was reported that the agencies met government officials and ministers on May 13, 2008, to discuss the issue of hacking of sensitive sites.

Dear team,

I am greatly thankful to the fraud management team at AGAPE for taking my case (orkut profile hacked) seriously.

I had filed a complaint at various places but could not receive any help from them. But after registering my complaint at AGAPE, within a week I received a mail from the fraud management team giving the details of my hacked ID. It was unbelievable. A million thanks for such an incredible job.

I give my high regards for such an effort done by you.

888888

Dear Sir,

I would like to express my thanks in getting my fake orkut profile blocked.

This has really helped me cause I was been terribly impersonated on orkut for months which had adverse effect on me and my family as there was a lot of personal information in the profile.

Thanks a lot for considering my case sensitive and helping me get back to my normal life.

888888

Hi,
You have done really good work. I tried to get this job done by many other means but nothing worked. Thank you so much for your assistance and the time you spent. God bless you.

Regards,
8888888

Dear Sir,

Thanks a lot for your support, pls note that I am able to open my e-mail id, now I want to change the password, I am trying to change that, but when I click on to change password it ask for previous passord & new passord,

I entered *********** as previous password, & a new passord, but it not changing and showing that the previous password entered is in correct.

Pls help.

Best Regards,

88888888

Note: Name of the client is not shown due to privacy & security reasons.

Cyber crime is no longer an alien term for anyone today. We have been hearing about it, reading about it and talking about it, quoting examples of some victims or fraudsters. With advancements in technology, criminals and their ways of commiting crimes are also getting advanced. To tackle this menace, we need some strong cyber crime prevention measures, may be in the form of cyber cells or cyber activity monitoring services. In India, we have very few cyber cells that can be easily counted on fingers. Of course this is not enough to address the enormous issue of cyber crime.

Recently, Mohali police took a lead in getting the state’s first cyber crime police station-cum-forensic science laboratory. The Rs 8-crore state-of-the-art project will end the Punjab Police’s dependency on forensic science laboratories in other states for various tests.

The building — which will house a cyber crime police station and laboratories in Physics, Texilogy, lie-detection, Biology, Chemistry and Ballistic, as part of forensic science — will come up within two years. The Punjab Police Housing Corporation (PPHC) is the executing agency of the project. Also, a training institute, the Punjab Police Training Institute for private security guards at Jahan Khelan is expected to complete by June 2009. The institute, which is worth Rs 10 crore, will provide training to 4,000 security guards every year and with the implementation of the Private Security Agencies (Regulation) Act, 2005.

This project is a step forward for the Punjab Police towards becoming cyber-savvy and a hi-tech police force with effective investigation of crimes through advanced modes. Such steps are what is needed to ensure that the technology does not harm people. Such steps indicate that India is getting ready to tackle hi-tech crime.

New way of fraud and internet scam (Internet Service Provider Consortium fraud)

This is to aware the chief executives of every company about the new way of fraud and internet scam. They might receive an mail (sample given below) which is scam and completely trying to compromise the system as well as network. The sender poses itself as a part of Internet Service Provider Consortium fraud team.

Here’s how the email would look like:

From: Monitoring Team
Date: 11/08/08 08:33:29
To: client
Subject: Your internet access is going to get suspended

Your internet access is going to get suspended.

The Internet Service Provider Consortium was made to protect the rights of software authors, artists.

We conduct regular wiretapping on our networks, to monitor criminal acts.

We are aware of your illegal activities on the internet which were originating from

You can check the report of your activities in the past 6 month that we have attached. We strongly advise you to stop your activities regarding the illegal downloading of copyrighted material of your internet access will be suspended.

Sincerely
ICS Monitoring Team

The analysis of cases reveal that these are new way of social engineering techniques to enter into the secure network or system. They provide attachment which is Trojan dropper, which will install after opening the detail attachment.  After installation system will be in a compromised state and the whole information of the system will be sucked  passively.

Remedial method to safeguard yourself from such an email is by deleting such an email straightaway. Also do not open the attachments.

For further assistance please mail to advice [at] agapeinc [dot] in

How many times have we seen companies suffer huge losses for the simple reason of security lapse! Traditionally security is perceived as an expenditure that erodes our bottom lines and budgets. Such an approach towards security needs to be reinvented to keep pace with the dynamic changes in our IT security landscape. To answer such various security threats, a 3 day conference began yesterday in Singapore that would conclude tomorrow.

The annual event called Governmentware 2008, is presented by The Ministry of Home Affairs (MHA), Singapore. This year’s theme, “Positive Security: Empowering Business Models of the Future”, highlights the need for all players in the infocomm ecosystem to adopt a more forward-looking paradigm in confronting IT security issues. The conference will be filled with action-packed demos with an attempt to encourage participants to embrace IT security as an opportunity to solve critical problems.

The conference program aims to highlight on the following points:

1. Security Issues related to Electronic Identities
2. Personal Digital Protection in the New Cyber Universe
3. Latest Cryptography and Biometrics
4. Critical Infocomm Infrastructure Protection
5. Database Security
6. Secure Wireless Sensor Devices
7. Wireless Security
8. Secure Collaboration Framework
9. nline Forensics
10. DIVA (Dynamic Isolation of Virtualised Applications)