ANALISIS FORENSIK DIGITAL TELEGRAM PADA ANDROID UNTUK CYBERCRIME DENGAN KERANGKA NASIONAL INSTITUTE OF STANDARD TECHNOLOGY (NIST)

Abstrak

Telegram is a popular instant messaging application that has seen an increase in users from 60.2% in 2023 to 61.3% in 2024. However, this increase in usage also opens up opportunities for digital crimes such as online fraud. This research aims to conduct a digital forensic analysis on the Telegram application on Android smartphones with the form of crime being mobile phone sales fraud. The research method uses the NIST framework which consists of four stages: Collection, Examination, Analysis, and Reporting. The forensic tools used are MOBILedit Forensic Express and FTK Imager. MOBILedit excels at extracting various types of data, including images, videos, and voice messages, although it requires a rooted smartphone. Meanwhile, FTK Imager is effective for recovering conversations quickly but is limited to text data and not optimal for multimedia. The research scenario simulates a case of online fraud in the sale of iPhone products via Telegram. The results of the study show that MOBILedit Forensic managed to find digital evidence in the form of videos, photos, and voice notes, while FTK Imager was only able to recover chat evidence. Both tools successfully combine evidence of the existence of digital data that has been deleted, allowing the identification of traces of digital crime on the Telegram application. These findings show the importance of selecting appropriate forensic tools to maximize digital evidence collection, as well as provide implications that the right forensic methods and tools can be a solution in effectively uncovering digital crime cases, especially on instant messaging platforms.