Forensics


Kontacto – an insecure mobile app to track voters in ColombiaOur digital forensics investigations focus on Internet censorship, targeted malware, disinformation campaigns, election fraud,  digital attacks against media sites, and other digital threats against a free and open Internet.

We collaborate with independent media and investigative journalists to validate and enrich their stories with digital forensics. Qurium also assists with media dissemination so that the stories reaches a wider public beyond local media. Several of our media partners have been awarded for their work in investigative journalism:

  1. Kloop Media, Kyrgyzstan, Global Investigative Journalism Network (Best Investigative Stories from the Former Soviet Union — 2017)
  2. Azadliq.info, Azerbaijan, Guardian Journalism Award winner (2014)
  3. Premium Times Nigeria, Nigeria, Pulitzer Prize, as a part of the Panama Papers Investigation (2017)

This page includes all forensic reports that have been released to the public.  For full reports including media coverage, please see respective country page.

Azerbaijan

[December, 2019] Find Face and Internet blocking in Azerbaijan
[October 2019] Fineproxy used to launch DDoS attack against site critical of Azerbaijani state oil company’s leader
[July 2019] DDOS: the inconvenient business visitor of Name.com
[April 2019] Media websites from Azerbaijan under DDOS
[January 2019] SUS-759: Sandvine and Internet blocking in Azerbaijan
[January 2019] Political motivated attacks against azadliq.info
[August 2018] Azerbaijan and the fineproxy DIY DDOS service (Region40/QualityNetwork)
[April 2018] Corruption, censorship and deep packet inspection
[January 2018] Digital attacks against media reporting on SOCAR
[April 2017] Deep Packet Inspection and Internet censorship in Azerbaijan
[March 2017] News media websites attacked from Governmental Infrastructure in Azerbaijan
[December 2016] How Azerbaijan is trying to block main opposition media news

Colombia

[November 2019] Kontacto and Translife
[October 2019] Kontacto – an insecure mobile app to track voters in Colombia
[October 2019] Kontacto’s lack of security exposed data from 55.000 people
[November 2019] Fake news and the Kontacto troll army

Cuba

Congo (DRC)

[Jan 2019] Democratic Republic of Congo shutdowns the Internet after Elections

El Salvador

[October 2019] Intrusion attempts against “Revista Factum” in Salvador

France

[May 2017] #MacronGate, tracing the source of the Macron offshore papers
[May 2017] The disturbing role of social media during the Champs-Elysées attack

Iran

[February 2018] PART 3: Fake mobile apps in Iran, Fraud, Phishing and Users at risk
[February 2018]  PART 2: Fake mobile apps in Iran, – when spyware and click fraud can put millions of unaware users at risk
[January 2018] PART 1: Tracking Mobile Spyware during the Telegram blocking in Iran

Jordan

[March 2018] Internet blocking in Jordan

Kazakhstan

[September 2019] Collateral blocking in Kazakhstan traced back to illegal prostitution ring
[July 2019] Kazakhstan impose users to install government controlled certificate – FAQ

Kyrgyzstan

[Oct – Dec 2017] Elections in Kyrgyzstan 2017, Exposing Samara, a fraudulent voter management system

Myanmar

[January 2017] Unrest in Myanmar

Philippines

[Apr 2019] What is hosted at the Suniway network?
[March 2019] Attributing the attacks against media and human rights websites in the Philippines
[January 2019] Alternative news agency from Philippines “Bulatlat” under denial of service attack

Spain

[October, 2018] One year after denial of service against registremeses.com
[October, 2017] Evidence of Internet Censorship during Catalonia’s Independence Referendum
[October, 2017] Blocking techniques Catalunya

Turkmenistan

[September 2019] Turkmenistan blocks Google’s cloud storage
[July 2019] Turkmenistan and their Golden DPI

Vietnam

[July 2018] DDOS against luatkhoa.org and thevietnamese.org
[June 2018] DNS tampering in Vietnam

Zimbabwe

[August 2018] The cyber attack against the Zimbabwe Electoral Commission