Researchers from the University of Macedonia in Thessaloniki opened a breach in security, based on the features of the computer’s memory that can be used to gather passwords and other sensitive data, even if the PC is turned off.
Christos Georgiadis and colleagues explained how their discovery could be used by experts in forensic science to extract evidence of prosecutorial computers and hackers to obtain personal information and bank details.
The researchers pointed out that most people assume that when you turn off the computer all the data in RAM are deleted, wrote ‘Flight International’. In fact, they are lost when the power supply is broken.
Scientists believe that criminologists and so attackers can gain access to the data most recently used applications. They pointed out that the launch of new memory-demanding applications will overwrite data in memory while using the computer, but simply off the machine leaves the vulnerability in the security and privacy. So when scripts to extract forensic evidence from off the computer easier than working.
The team tested their approach to retrieve the data from RAM after a shutdown, we run the commonly occurring scenarios, including access to Facebook, Gmail, Microsoft Network (MSN) and Skype. They performed a memory dump at 5, 15 and 60 minutes after opening. Then used a well-known forensic recovery tools to put together pieces of different fragments of the extracted data.