Any storage device such as a Pen drive, Memory card or Hard disk is used it to store/transfer officials/ Personal Information. Official Information such as Designs, blueprints, prototypes which belongs to any organizations .where personal information such as photos, videos, movies call records etc.
Storage devices such as flashdrives are the best carriers of such malwares. And that is the reason you should never buy or sell used storage devices such as memory cards, pen drives, hard disks etc. When you buy a used hard disk, it may be a fake USB hard disk.
As we are familiar with virus’s worms and Trojans and other kind of malware .They are designed to steal or corrupt information on the storage devices. Malware are also capable of stealing your Confidential such as username, password, and credit card numbers.
To prove this fact we did an experiment.
There are various forensic tools used to deleted data from a storage devices such as photorec, Recuva minitool etc.
We took a used pen drive, formatted it and tried to recover the data using popular recovery tool “Photorec”. Here’s how to recover data from formatted USB Pen Drive using Photorec.
To recover your lost digital pictures or lost files, try PhotoRec. PhotoRec is a signature based file recovery utility. It handles more than 440 file formats including JPG, MSOffice, OpenOffice documents.
PhotoRec searches for known file headers. If there is no data fragmentation, which is often the case, it can recover the whole file. PhotoRec recognizes and recovers numerous file formats including ZIP, Office, PDF, HTML, JPEG and various graphics file formats. The whole list of file formats recovered by PhotoRec contains more than 480 file extensions (about 300 file families).
Step 1 :
Primarily need to choose the disk you want to work with. However, you need to make sure that you're using the administrator account.
As shown in picture found two partition 1st is System’s internal memory and 2nd is External device memory
There are 3 kinds of storage:
Step 2:
Options to choose from
Step 3:
Option List
Step 4:
Partition selection,PhotoRec needed information about the file system. Except it is ext2/ext3/ext4, choose other.
Step 5:
Choose file location
Step 6:
choose the directory you want your recovered files to be written to
Step 7:
Recovering Files
See the result, when the recovery process finishes. It is also advised to scan the recovered files with your antivirus software, as PhotoRec might have undeleted some harmful files.
Step 8:
Recovered Files
TestDisk & PhotoRec can store recovered data on any storage available from your computer. They can recover data from DAS and SAN storage. For TestDisk & PhotoRec need to run on the server itself.
By default, PhotoRec stores the files in directories named recup_dir.1, recup_dir.2... in the current folder. By example, the first directory on a Windows computer is testdisk-7.1/win/recup_dir.1 or testdisk-6712-WIP/63/recup_dir.1
Conclusion:
Never sell your used storage devices to unknown people using websites like ebay,quikr,olx etc. Do not buy used storage devices from the people you don't trust as you may buy a malware along with it.
