Case Studies

Mobile Forensics

LEA finally filed a charge sheet based on the evidence found in a successful investigation conducted by one of the leading cyber labs in India with the help of Cellebrite UFED for PC.

The investigation was related to a female who was a victim of sexual harassment through the transmission of indecent messages and obscene pictures.

Earlier, the police swung into action but ran into an issue while trying to get the required evidence from the criminal’s phone, since the phone’s display was damaged. The lack of physical evidence might have put the entire case in difficulty.

The mobile phone later had to undergo a defined set of processes for data extraction and interpretation of the evidence, to prove the cybercriminal’s actions in court. At this point, UFED for PC with boot loader (lock bypass) was used to successfully gather the required evidence, which led to the filing of a charge sheet under sections 469, 500 (I) (b), and 509 of the Indian Penal Code.

White Collar Investigation

A company was suspected of evading taxes. One of the law enforcement agencies that lead tax-related matters reached out to the Pelorus team to investigate the case further.

Earlier, a whistleblower had tipped off an officer within the agency. On further investigation, a suspected employee’s computer was searched. Tableau Disk Duplicator was used for imaging the hard drive, and the image was further processed through AccessData FTK. Based on “ShellBag” analysis and “.LNK” file analysis, the team found that a particular external storage device was continuously used by the suspected user of the computer.

In their report, the team asked the tax officer to carry out a deep search for an external device. On searching the office, the team found a couple of pen drives, one of which was encrypted. The suspect denied and refused to acknowledge any such encryption, as the same pen drive was not working on the officer’s laptop. When the team connected the pen drive to the suspect’s computer, it opened without showing any encryption. The software was launched and the accounting data was easily extracted, which led to the accused being proven guilty.

If not for the Pelorus investigator’s knowledge and experience, it would have been difficult to locate the external storage device and to find a way to launch the software to catch hold of the accused.

Image and Video Forensics

Three to four persons came out of a car and vandalized cars parked in a mall’s parking lot in the city.

The parking lot had entry and exit cameras, and one of the cameras had a clip of the criminals’ automobile and license plate. The issue was that the number plate was hazy. The investigators had to trim the video down to the time where the number plate could barely be seen and run it through Amped Five.

Amped Five assisted the investigators in improving the video footage. The analysis benefited from having an all-in-one solution like Amped Five, with over 130 filters and tools to convert, process, enhance, analyze, show, and document photos. As expected, the processed video clip proved to be significant evidence, and law enforcement officials were able to apprehend the perpetrators as a result.

Damaged Drive Forensics

Pelorus was contacted by a law enforcement agency regarding a critical case. The hard drive that was supposed to hold crucial evidence was broken.

Atola Imager is the only commercially available equipment capable of automatically diagnosing a drive, pinpointing the exact malfunction (if any), and recommending the best course of action. The investigator examined the hard disk by running a diagnosis of the drive.

The drive’s circuits, heads, media surface, firmware, and file systems were all automatically diagnosed by Insight, and a clear and complete report was generated, revealing that the hard disk’s PCB was corrupt. The hard disk began to work correctly once the PCB was replaced. The evidence discovered, as expected, proved to be an important and pivotal component in the LEA’s further investigation.

Password Recovery Tools

A law enforcement agency contacted Pelorus about a suicide case. One of the suspects committed a crime and fled the scene. Police were unable to trace his criminal history or the reason for his suicide. They tried to find this out from his phone and computer. They didn’t find anything odd on his phone. As a result, they attempted to search his computer for proof. However, due to the password lock, investigators were unable to continue their investigation. So, with the help of Pelorus experts, they were able to crack the password using one of the Elcomsoft forensics bundle’s tools. After this, the police were successful in investigating the computer and procuring leads from the evidence to present in a court of law.

Big Data Intelligence and Fusion Solution

Four to five people carried out an attack on a neighborhood shop in the city. Police arrived at the scene of the incident, and they apprehended the culprits using CCTV cameras. They extracted the attackers’ cell phones for further examination. They were unable to reach a proper conclusion after examining all of the data, since the data of the perpetrators did not match.

Because the police were unable to reach a conclusion, the matter was quickly solved with the assistance of Pelorus’ technical specialist, who used Pathfinder. Cellebrite Pathfinder is the industry-leading solution for assisting law enforcement in completing investigations more quickly. It uses artificial intelligence to quickly filter through all forms of digital data, automatically decoding it to reveal important evidence and actionable insights from digital devices. When the data was entered into Pathfinder, they noticed that all of the perpetrators were linked, by either a call or a message, to a common individual who was the main person behind the attack.

Faced with all the proof, the person confessed that he was the one who had managed the whole attack. Action was later taken by presenting forensically sound reports in court. In this way, Pathfinder helped to identify the culprit.

Image and Video Forensics

The warehouse where the fire started was located in a densely populated urban area. Flames and smoke were reaching dizzying heights, and firefighters were attempting to extinguish the fire as soon as possible.

Police later arrived to conduct an investigation. Authorities were disappointed with the evidence since they couldn’t figure out how the fire erupted. After a long time, police discovered that there was CCTV in the warehouse. They looked for the CCTV DVR box, but it had been damaged by fire. The DVR box could not be booted by police.

After further consideration, they decided to enlist the assistance of Pelorus. Pelorus’ technical expert obtained the ‘Video Investigation Portable Kit,’ which comprises a write blocker, connection wires, and other items. VIP (Video Investigation Portable) 2.0 supports the efficient and effective extraction and recovery of digital media evidence. Using a forensically sound approach, audio and video evidence can be recovered quickly, easily, and securely directly from CCTV DVRs, avoiding an expensive and time-consuming process and enabling a smarter video investigation at lower cost. They took the CCTV hard disk from the CCTV DVR box and connected it to the Video Investigation Portable (VIP). It was discovered that, although the CCTV DVR box had been damaged, the hard drive was still intact. The expert was able to retrieve all of the data after reviewing the hard disk. Within one hour of filtering the data, the expert’s analysis showed that the warehouse had caught fire due to a short circuit. After the cause of the fire was determined, reports were submitted, and the insurance was later settled.

Computer and Disk Forensics

Thousands of complaints about bank fraud are filed each year. The circumstances vary greatly, ranging from disputed transactions to cash withdrawals. One such case was reported to Pelorus for investigation. One of the bank’s customers filed a complaint against the bank, alleging that his documents and bank information were misused for other purposes without his authorization. He realized his account had been abused when he began receiving notifications for services he had never used. Taking the customer complaint into account, the bank manager began his investigation and later questioned three people who worked for the bank. The manager took the phones and computers of these three people and turned them over to the police for investigation. One of the three computers was a Windows system, while the other two were Macs.

The police were unable to get data for further inquiry. As a result, they approached Pelorus. Pelorus sent a special team. Cellebrite Digital Collector was used by Pelorus professionals to extract data from both Mac and Windows systems.

Pelorus professionals analyzed the data in Cellebrite Inspector after extracting information from a MacBook and a Windows system. They obtained proof from a MacBook after analyzing it. Subsequently, out of the three people, they discovered the real criminal, who admitted his crime after being interrogated.

Computer and Disk Forensics

The globe has become more connected in today’s digital age. Connecting with people through various mediums has become simple. Messaging fraud is one of the most rapidly expanding sorts of crime, and it is quickly becoming a scary reality. LEA received a case that was somewhat similar. The victim filed a police report alleging that he had been receiving blackmailing messages on a regular basis. The investigation began with the assistance of LEA. They tracked down the source and place from which the messages were sent.

According to LEA, the criminal used to send messages from a cybercafé. Digital forensic experts identified 32 PCs in total after visiting the location, and they estimated that retrieving data for investigation would take 15 to 20 days. Even if other approaches were used, imaging all of the data from 32 PCs would take a long time. They decided to seek Pelorus’ advice. Pelorus professionals arrived at the investigation scene with ADF tools. Using the ADF tool, they were able to gather evidence and image all of the PCs in a single day. After immediately going over all of the information, they identified the system from which the messages had been delivered, and used CCTV and an entry book to arrest the criminal.