Escolar Documentos
Profissional Documentos
Cultura Documentos
About
Neeraj Aarora: FICWA, LLB, PGD (Cyber, DLTA & ADR), MBA (IT), CFE (USA)
A Platform to discuss & analyse the Financial and Cyber Forensic, including the various legal w ays to tackle Financial, Cyber and Share frauds w ith various Legal Forms and Investigating Authorities.
If you're new here, you may w ant to subscribe to my RSS fee d . Thanks for visiting! NET4INDIA Case: The present case pertains to online theft of prepaid internet telephony minutes belonging to the complainant company maintained on its server by one of its employees. The said employee unauthorisedly accessed the server containing the PINS of the Internet Telephony minutes w hich w as restricted by passw ord and access w as available to only few key employees. The unauthorized access w as noticed from unknow n (Internet Protocol address) IPs w hich the offender used to make unauthorized access. The brief facts of the case: The company N4India Ltd. (N4India) is engaged in providing a range of internet related services including internet telephony and voice over IP netw ork services. It markets its internet telephony services under the brand name of
Wh at Were Readin g
1. D ev elopment B log
Searc h for:
Search
pdfcrowd.com
Profiles Still Big ProblemWhat To Do 10. C y ber Imposter created fake profile of President of India
Phonew ala.com. Track Online Net India (P) Ltd. is the US Arm of N4India w hich buys bulk internet telephony minutes from US Companies like; Net2phone, Go2Call etc. The Internet Telephone Minutes (TM) sold in India as (1) Cash Calling Cards (2) Online Cash Cards. The PIN Number of TM is kept online at server of Net2Phone
221.134.63.151 19/08/2005 Passw ord 221.134.63.8 20/08/2005 AM Success 00.30 Login 02.07 AM Incorrect
L at est Post s
1. Will You B e My V a le ntine ? 2. C ENSORING THE UNC ENSORABLE 3. B lowing the Whistle 4. D ABB A TRA DING G OES ONLINE 5. Phishing Sca ms in India a nd Lega l Prov isions 6. Plea Ba rgaining- A New Development in the C riminal Justice System 7. C y berspa ce-A new front of war 8. FIR in C y ber Squa tting: Misinterpretation of IT Act 9. C y ber Imposter created fake profile of President of India 10. Forensic A ccounta nt: Reliability & admissibility as Expert Witness
USA (Vendor) under its control Restricted/protected by passw ords to key employees of N4I. The management noticed the theft of internet telephony minutes w hich w as most surprising as the access to the server w as restricted by passw ord w hich w as available to few key employees only. The prepaid Internet Telephony cards belonging to N4I w ere available at cheaper rates in market not sold by Net4India causing it huge revenue loss. How the culprit was caught: Obviously, it appeared to be handiw ork of
some insider. The investigating agency advised the company to change the passw ord and give access to few select key employees. The idea w as to trap the person w ho is making unauthorized access to the server of Net2phone w here the PINS of Internet Telephony minutes belonging to Net4India w ere stored. The intruder making unauthorized access w ould surely leave behind its footprint in the form of IP address. As predicted, failed unauthorized access w as noticed at the w eb application of US Company Net2Phone server from a specific set of IP addresses. IP Address captured by Web Application Net2Phones application recorded failed/successful login from the IP addresses show n below :-
A rc h iv es
1. Februa ry 2012 2. D ecember 2011 3. Nov ember 2011 4. August 2011 5. March 2011
Table A: IP Address 221.134.63.151 ord 221.134.63.151 ord Date 19/08/2005 19/08/2005 Time 02.00 AM 02.04 AM Event Incorrect Incorrect Passw Passw
4. Da bba Tra ding 7. WordPress Pla ne t 5. D ata The ft 6. E-C ommerce Fra ud
13. Obscenity / Pronogra phy 14. Other La ws 15. S ha res Fra ud 16. Unca te gorized
Cat egories
1. C y ber Forensics 2. C y ber La wy er 3. C y ber Offenses / C ontravention
7. Fina ncia l fore nsics 8. Identity Theft 9. Informa tion Technology A ct 10. Intellectua l Property Right 11. Internet Fra ud 12. IT Amendment Act Are you a developer? Try out the HTML to PDF API New hot app: Facebook Albums To PDF
Met a
1. Re giste r 2. Log in
pdfcrowd.com
6. D ecember 2010 7. Nov ember 2010 8. S eptember 2010 9. June 2010 10. May 2010 11. A pril 2010 12. Februa ry 2010 13. Ja nua ry 2010 14. D ecember 2009 15. October 2009 16. S eptember 2009 17. July 2009 18. June 2009 19. May 2009 20. March 2009 21. Februa ry 2009 22. Ja nua ry 2009
221.134.63.8
20/08/2005
00.36 AM
Login Success
Thus, someone w as trying to make unauthorized access to the w eb application. Who is the intruder? It w as noticed that an engineer of the N4India has accessed his email
ID h a ris h .s @n 4i.n e t d uring the same time (as per IST) from the same IP addresses as above. Thus, he w as the culprit and mouse trapped. The log detail of the email ID of Mr. Harish was obtained from ISP: Table B: IP address 202.71.133.12 221.134.63.151 Date 18/08/05 19/08/05 Time 06.10 PM 01.57 AM Event IP belongs to N4I User ID: 10.251.132.151Franchise Details:B1-43, End 202.71.133.12 221.134.63.8 19/08/05 20/08/05 06.45 PM 00.28 AM Ashok Nagar IP belongs to N4I User ID:Ha ris h .s @n 4i.n e tMachin e ID: 10.251.132.151Franchise Details:B1-43, End Ashok Nagar Near East New Apartments, Near East New Apartments, ID: Ha ris h .s @n 4 i.n e tMachine
The comparative analysis of the Table A vis--vis Table B was made which
1. Unauthorised access made by Harish to the w eb application but he failed. 2. Harish made unauthorised entry to the Corporate office of the N4I at Noida. 3. He accessed his email account unauthorisedly from the netw ork of one colleague 4. He collected the updated authentication details and sent it by his official mail h a ris h .s @n 4i.n e t to his personal E-mail account. 5. After this he returned home and he tried to access the Net2phone application but his login failed. 6. He again came to the corporate office and managed to get the appropriate passw ord from the computer at corporate office. 7. He returned home and accessed his email account and made a successful login to the Net2Phone application Accused persons arrested: The accused Harish w as arrested. He confessed his involvement. He emailed the unauthorized PIN Numbers to his fictitious Email IDs. The PINs & passw ords w ere kept in these emails and forw arded to various buyers. He disclosed the names of buyers; one of such buyer w as Mukesh Jindal of Chandigarh. Mukesh Jindal w as arrested and he accepted that he purchased TM from Harish and received the same at his personal email ID. The detail of email Id of Mukesh Jindal collected from Rediffmail reveals that said ID w as being used by the accused Mukesh Jindal. Collection of electronic evidence: The fake E-mail Id of the Harish w as accessed containing pins and passw ords to various cash cards of TMs. The data w as seized. One hard disk of the computer belonging to Harish w as made, seized from his residence:
1. The image copy prepared, generated hash value. 2. Seizure Memo prepared. The laptop used by Mukesh Jindal containing the email records w as seized from him:
1. The image copy prepared, generated hash value. 2. Seizure Memo prepared. The mirror image copy of the Hard disks w ere analyzed-Contained incriminating evidence. Accused persons accessed their personal Email Ids- Misappropriated PINS found. Other connecting evidence collected: 1. The bank account statements of the banks in w hich money pertaining to misappropriated data exchanged hands. 2. Entry register record establishing the entry of Harish at the Corporate office. 3. Statement of officials of N4I u/s 161 Cr.P.C.. Conclusion of the case: The aforesaid mirror image copy and the hard drive w as sent to FSL for forensic report. Forensic Report received corroborating the above facts, thus, connecting the accused persons to crime. Charge sheet against the accused person is filed in the court and aw aiting verdict of court. Sh a re Th is
Reader Commen ts
I finally decided to w rite a comment on your blog. I just w anted to say good job. I really enjoy reading your posts.
pdfcrowd.com
pdfcrowd.com pdfcrowd.com