Mobile Cyber Forensic Investigations of Web3 Wallets on Android and iOS

【Author】 Mirza, Mohammad Meraj; Ozer, Akif; Karabiyik, Umit

【Source】APPLIED SCIENCES-BASEL

【影响因子】2.838

【Abstract】Featured Application As many new mobile device applications are leveraging blockchain technologies, Web3 wallets were created as a tool to store, manage, stack, and perform cryptocurrency-related transactions. Therefore, it is necessary to investigate what these new nontraditional applications store in their mobile apps and what can be recovered through cyberforensic procedures, which can help the cyberforensics community, tool developers, and law enforcement. Constant advancements in technology have a significant impact on our everyday lives and the ecosystem in which we live. The growing popularity of cryptocurrencies (e.g., Bitcoin and Ethereum), along with Non-Fungible Tokens (NFTs), which are founded on blockchain technology, has opened the way for these blockchain projects to be integrated into a wide range of other kinds of applications (apps). Today, cryptocurrencies are used as a popular method of payment online; however, their popularity on the dark Web is also increasing. For example, they can be used to buy and perform various illegal activities among criminals due to their anonymity. Web3 cryptocurrency wallets, used to store cryptocurrencies, have not been studied as thoroughly as many other apps from a digital forensic perspective on mobile devices, given the increasing number of these services and apps today for many platforms, including the leading mobile operating systems (i.e., iOS and Android). Therefore, the purpose of this research is to guide investigators to unlock the full potential of popular cryptocurrency Web3 wallets, Trust Wallet and Metamask, to understand what can be recovered, and to look at areas where there are knowledge gaps. We digitally analyzed and forensically examined two mobile wallets that do not require any personal identifiers to register and are widely used for Web3 cryptocurrencies on Android and iOS devices. We review the digital evidence we have collected and discuss the implications of the forensic tools we have used. Finally, we propose a proof of concept extension to the iOS Logs, Events, And Plists Parser (iLEAPP) tool to automatically recover artifacts.

【Keywords】blockchain; cyber forensic; crypto wallet; data privacy; data security; digital forensic; digital wallets; mobile forensic; Open Source Intelligence (OSINT); Non-Fungible Tokens (NFTs); Web3

【发表时间】2022 NOV

【收录时间】2022-11-30

【文献类型】实证数据

【主题类别】

区块链治理-技术治理-数字货币钱包