Key Points
In light of the COVID-19 outbreak and the cyber threats taking advantage of the global pandemic in early 2020, we at Maltego recognized the urgency and need for OSINT and infosec resources across academia and various industries to combat opportunistic threat actors. We founded the Maltego Academic & Non-Profit Program to support academic institutions, NGOs, community initiatives, researchers, journalists, and individual investigators in safeguarding the internet and unveiling malicious activities.
In this article, we spotlight a number of projects and partners we have been working with through the Academic & Non-Profit Program 2020-2021.
About the Maltego Academic & Non-Profit Program
The Maltego Academic & Non-Profit Program is an annual partnership program that offers selected participants both technical and consultancy resources for non-profit projects and research. Application and admissions open every year from April to May, followed by regular check-in sessions with the Maltego team.
To date, the Maltego Academic & Non-Profit Program has been running for more than one year, supporting over 60 public, private, and non-profit institutions, organizations, and individuals. Through the program, Maltego has contributed to university curricula, anti-human trafficking initiatives, cyber threat research, investigative journalism, child protection projects, disinformation analysis, educational events, and many more.
The Academic & Non-Profit Program Spotlights (2020-2021)
Here are some of the projects and achievements of our 2020 program partners using Maltego.
1. Philipp Mieden and His Maltego Integrations for Netcap and DittoTRX
Philipp Mieden is a security researcher and software engineer from Germany, currently focusing on network security monitoring and the use of machine learning while pursuing his master’s degree in Security and Network Engineering at the University of Amsterdam. Through the Academic & Non-Profit Program, he has been working with the Maltego team to enrich and fine-tune the Netcap integration that he developed for Maltego.
The Netcap integration will help investigators analyze raw network traffic and packet capture (PCAP) files visually in Maltego to identify attacks and vulnerabilities. It includes roughly 50 Entities and 60 Transforms that are locally installable on Mac, Linux, and Windows. It is especially useful for forensics and offensive investigations as well as for technical investigators reporting to management.
The integration is partially documented here and a new version will be released soon.
Recently, Philipp Mieden released another Maltego integration, this one for DittoTRX, which helps investigators easily check domains of active imposters in Maltego.
“Working with the Maltego team was a great experience and their guidance was very helpful to take full advantage of the capabilities of their solution! I would recommend Maltego’s Academic Program to any data science and security students that are interested in exploratory dataset analysis or correlation and enrichment of data from multiple, different sources.” – Philipp Mieden
Check out more of Philipp Mieden’s work on ResearchGate, Twitter or GitHub!
2. Age Brander and His Cyber Forensics Research Workshop
The Maltego Academic & Non-Profit Program worked with certified cybersecurity trainer, professor, and forensics specialist, Age Brander, to host a free, hands-on training workshop in February 2020. The workshop taught participants the basics of using Maltego for forensic research with the aim of equipping both beginners and professionals with the necessary skills in the field of cybersecurity.
“Over the past year I have worked with great pleasure and enthusiasm with the Maltego employees. Their support, ideas and creativity were a joy to experience. The opportunities that Maltego offered to be able to use the product for a short period of time in my educational process was also very positive. In addition, the reactions of my students were very positive and full of praise for Maltego as an instrument for conducting forensic research on the internet, among other things. They experienced this during the courses they followed with me and indicated this to me with conviction.
In short, I am very pleased with both Maltego as a product in cybersecurity, as well as the employees of the company behind this wonderful professional software product. I therefore highly recommend the product and the organization to use or to work with.” – Age Brander
3. Harvard Lawfare and the Iron March Data Dump Investigation
We’ve long enjoyed a close partnership with Harvard Lawfare that became stronger through the official launch of the Academic & Non-Profit Program.
In February 2020, the Harvard Lawfare blog published a research article on the spatial structure, internal organization, and recruiting processes of a number of international racial-extremist groups brought together by the Ironmarch[.]org community. Using Maltego, they studied and analyzed the data leaked from Iron March to answer the following questions:
- What is the profile of an average Iron March user?
- What drove activity on Iron March?
- How effective was Iron March at connecting like-minded white supremacists and neo-Nazis?
Read the full research article here.
4. Mitch Chaiet and TinEye Transforms
Founder of memetic influence, Mitch Chaiet is a disinformation researcher and investigator dedicated to providing tools, intelligence, and content for tracking information through the internet. As our Academic & Non-Profit Program partner, Mitch worked with our Integration Development team on introducing reverse image search with TinEye into Maltego. After the release of the TinEye Transforms, he has been a Maltego guest author and has also been consulting with us on misinformation and disinformation topics.
Read more about his work on Maltego’s TinEye Transforms here and learn more about memetic influence on his website.
5. Ata Erdemir and the Investigation about TA505
Ata Şahan Erdemir is a cybersecurity analyst and academic researcher from Istanbul, Turkey, specializing in OSINT, IoT, and Advanced Persistent Threat (APT) groups. Using Maltego and its integrations with VirusTotal, the MITRE ATT&CK framework, and Hybrid-Analysis, he conducted an in-depth investigation into the activities, TTPs, and typical campaigns of the notorious TA505 APT group. His analysis serves as an example of how threat hunters and cyber researchers can utilize link analysis tools like Maltego to investigate other APT groups.
Read more about his TA505 investigation here.
6. Stanford Internet Observatory and Social Media Abuse by a Pakistani Network
In September 2020, Stanford Internet Observatory published a detailed report on its study of how a network of Pakistan-based social media accounts coordinated mass reporting against critics of Islam, the Pakistani government, and military as well as the Ahmadi religious minority. Relationships between 283 Facebook profiles and 96 Instagram accounts were analyzed using Maltego as part of the investigation.
Read the full report here.
7. Organizations Keeping the World Safer Every Day
Besides the investigators, researchers, and institutions mentioned above, Maltego also works with organizations heavily involved in social causes and security of the world.
We are honored to have supported the front lines and important works of Bellingcat, Trace Labs, National Child Protection Task Force (NCPTF), CyberPeace Foundation (CPF), and 4TheOne Foundation, who dedicate immense time and resources to uncover illegal activities, combat violence and human trafficking, find missing persons, and build collective resilience against global cybercrimes and threats through research, education, and policy advocacy.
“Maltego allows us to quickly pull data from profiles, posts, and comments into one graph, where we can conduct text searches and see connections. In just a few minutes, we can narrow initial research to a handful of individuals using variations of aliases connected to suspected local traffickers. We would not have been able to do that without Maltego.” – 4TheOne Foundation
We Continue to Exercise OSINT for Good at Maltego
The Maltego Academic & Non-Profit Program 2021-2022 has begun with new and exciting partnerships and projects. Although the application period for the 2021-2022 program year has ended, please do reach out to us, and share your use cases if you believe Maltego can help you to make crucial contributions to the infosec community and the global society.
We are grateful and delighted to work with our program partners and be part of their success stories while fighting the good fight. However, we know that none of this would be possible without the backbone and soul of our Academic & Non-Profit Program—the Maltego Support team. We are extremely proud of our stellar team that continuously provides support to our community and pursues the exercise of OSINT for Good in their everyday life.
Don’t forget to follow us on Twitter and LinkedIn and sign up to our email newsletter to stay updated on news and progress of the program.
Happy investigating!