Great news!! A much waited Android forensics app was just released in beta version: Bugbane allows self-analyzing our devices for indicators of malwares such as Pegasus or the Cellebrite's ones, using Amnesty International's Mobile Verification Toolkit directly on the phone. Consider sending your feedback to the team!

https://osservatorionessuno.org/blog/2025/09/bugbane-simplifying-consensual-android-forensics/

#bugbane #forensics #infosec#android#MVT #phonesecurity #pegasus #cellebrite

Great news!! A much waited Android forensics app was just released in beta version: Bugbane allows self-analyzing our devices for indicators of malwares such as Pegasus or the Cellebrite's ones, using Amnesty International's Mobile Verification Toolkit directly on the phone. Consider sending your feedback to the team!

https://osservatorionessuno.org/blog/2025/09/bugbane-simplifying-consensual-android-forensics/

#bugbane #forensics #infosec#android#MVT #phonesecurity #pegasus #cellebrite

Update 2: As far as I can tell, the servers that caused the leak belonged to the DOJ in Montana. We reached them in two ways:

• Through this post we got contact to the vendor of the software. With the Serial# (in the extraction reports) they could identify whom to call.
• A friend had a contact in one of the affected police department and they reached out to the DOJ.

Thanks to this community I was also able to get a contact within the FBI. Furthermore some media contacted me and a lot of Mastodon users provided me with additional contacts.

Event though I contacted the AG in Monatana and one PD, no one has reached out to me from the DOJ side.

Update 1: Leak is closed. Will write more tomorrow. Thank you to everyone who helped.

Phone forensics

Usually law enforcement is very secretive about them analyzing the phones of suspects.

But a forensic lab in #montana is extremely transparent about it. They put the dump of every phone on a public share. Everyone with Internet access can access those dumps.

While I am usually a proponent of government transparency, this takes it a bit too far even for my taste.

Every phone dump is one directory and some case names can be easily connected to crime & death headline news in the U.S.

So for one case I am pretty sure, that I can even say which Sheriff is responsible for that one of the investigations.

I sent that Sheriff an email, i sent him a text message and I even spoke on his voicebox. I even sent him the extraction report from Graykey.

It is really frustrating that I get no response at all. The leak is still open.

The security researcher that found the leak also tried some contacts but had as little success as I do.

I personally believe that this leaks even constitutes a federal crime. Some cases have names ending on CSAM. The security researcher stayed away from any of those and I did not access the files on that server at all.

So does anybody know someone within the #fbi that would give a shit about that. I am getting very tired.

#graykey #cellebrite #forensics