Microsoft’s Forensics Tool (Cofee) Spills onto Web
Microsoft’s point-and-click “computer forensics for cops” tool has leaked onto the web.
COFEE (Computer Online Forensic Evidence Extractor) is designed to allow law enforcement officers to collect digital evidence from a suspect’s PC without requiring any particular expertise. Using the technology – which recovers a list of processes running on an active computer at the scene of an investigation – involves inserting a specially adapted USB stick into a computer.
Grabbing data from a PC without interfering with the machine is no substitute for a detailed examination by experts where something amiss is discovered, but still attractive to the computer crime authorities. It allows police to search a computer’s internet history, analyse systems and data stored and even decrypt passwords, without having to transport the machine to a lab. It does this in a fraction of the time the process would normally require.
The free-of-charge tool (actually a bundle of 150 applications) was developed by Microsoft and distributed solely to law enforcement agencies, most recently via Interpol. Despite this, copies of the software leaked onto the web and were briefly made available via BitTorrent, before the torrent tracking file was pulled.
This article was written by L. Scott Harrell and is posted courtesy IRBseach, LLC.
IRBsearch offers The Most information, The Best data sources, and The Fastest delivery for locating people, businesses, and their assets. With one click you can search billions of records in just a fraction of a second.
