Gralhix OSINT Exercise #023

Or how to deal with YouTube Peek-a-Boo

In the dynamic world of Open Source Intelligence (OSINT), a key skill is the ability to uncover valuable information from unexpected sources. Gralhix’s OSINT exercises continue to challenge and refine these skills, offering scenarios that mirror real-world investigative situations. Exercise 023 presents a unique challenge that emphasizes the importance of fine-tuned observation and the effective use of digital tools in uncovering hidden information.

Exercise Challenge

Gralhix’s Exercise 023 presented the following task:

Sometimes online footage contains more information than meets the eye. In October 2023, I uploaded a video to my YouTube channel where, for a split second between minute 3 and 4, my desktop wallpaper is partially visible.

Your task is to:
a) Find the title of the illustration, as given by the artist.
b) Find how much it would cost for the artist to create a similar piece, in size and detail.

Note: Please do not contact or harass the artist in any way. You are not required to interact with them to complete these tasks.”

Exercise level:
For beginners: a) Easy, b) Easy
For experts: a) Easy, b) Easy

At first glance, this exercise appeared uncomplicated. However, it underscored the importance of attention to detail and the effective use of digital tools in OSINT investigations.

Solution Summary

The investigation involved three key steps:

• Using advanced search operators to efficiently locate the relevant video from October 2023.
• Employing YouTube’s frame-by-frame playback controls to identify the briefly shown desktop wallpaper.
• Conducting a reverse image search to locate the artist’s commission page.

The solution revealed that the title of the illustration is “Involuntary Rat Queen,” and the artist’s commission for a character with a full background starts at $190.

Detailed Walk Through

Initial Approach

Gralhix is pretty prolific, so the first step was to narrow down the search to videos uploaded in October 2023. This was achieved using YouTube’s advanced search operators:

after:2023–10–01 before:2023–11–01

That resulted in a singular result that I encourage you to check out:

Seriously, learning how to do this will save you so much time, and give you better results.

With the relevant video identified, the next challenge was to locate the brief moment where the desktop wallpaper was visible. Given that the information was only visible for a split second, normal playback was insufficient.

Frame-by-Frame Analysis

To overcome this, I utilized YouTube’s keyboard shortcuts for frame-by-frame navigation with the video paused:

• . (period) to move forward frame-by-frame
• , (comma) to move backward frame-by-frame

This granular approach allowed for the identification of the exact frame where the desktop wallpaper was partially visible (timestamp 3:38/14:31).

Image Identification and Artist Information

With the image located, the next step was to identify its source and gather the required information. A reverse image search led to the artist’s commission and portfolio pages, where both the title of the illustration and the pricing information were found.

Lessons Learned

1. Tool Proficiency: This exercise highlighted the importance of knowing your tools inside and out. Familiarity with YouTube’s advanced search operators and playback controls was crucial in efficiently solving this challenge.
2. Attention to Detail: The brief visibility of the crucial information emphasized the need for meticulous observation in OSINT investigations. What might seem like an insignificant detail can often be the key to unlocking valuable information.
3. Ethical Considerations: The exercise instructions explicitly stated not to contact the artist, reminding us of the importance of ethical conduct in OSINT investigations. It’s crucial to respect privacy and boundaries, even when information is publicly available.

Additional Considerations

While this exercise was relatively simple, it serves as a mini versionof larger OSINT investigations. In more complex scenarios, the principles applied here — efficient searching, detailed analysis, and ethical considerations — become even more critical.

OPSEC Implications

This exercise serves as a potent reminder of the importance of operational security (OPSEC) in our digital lives. Just as we were able to extract information from a brief moment in a video, subjects of real investigations might inadvertently reveal crucial information in seemingly innocuous content. This underscores the need for OSINT practitioners to be constantly vigilant about their own digital footprint and the information they share online.

Consider the following OPSEC tips and examples:

1. Beware of screenshots: When sharing screenshots, be mindful of what else is visible. Open tabs, bookmarks, desktop icons, or even your profile picture can potentially reveal more than intended. Always review and, if necessary, crop or blur sensitive areas before sharing.
2. Check video backgrounds: If recording videos, be aware of what’s visible in the background. Whiteboards, bulletin boards, or even book titles on shelves can inadvertently reveal sensitive information.
3. Metadata matters: Remember that images and documents often contain metadata that can reveal information about the creator, location, or device used. Use tools to strip metadata before sharing sensitive files.
4. Social media hygiene: Regularly review your social media privacy settings and be cautious about what you share. Even little details like your location or daily routines can be pieced together to form a comprehensive profile.
5. Use separate accounts: Consider using different accounts or even devices for personal and professional/investigative work. This separation can help prevent accidental information leakage.
6. Be cautious with public Wi-Fi: When working on sensitive matters, avoid using public Wi-Fi networks, or use a VPN if you must.
7. Regular audits: Periodically Google yourself and review your online presence. You might be surprised at what information is publicly available about you.

By implementing these practices, OSINT practitioners can better protect themselves and their investigations from unintended information disclosure.

Conclusion

Exercise 023, while simple in its execution, reinforces fundamental OSINT skills:

1. Efficient use of search tools and operators
2. Effective utilization of digital tools (in this case, video playback controls)
3. Understanding and respecting investigation parameters

While the exercise didn’t require painstaking analysis once the right tools were applied, it does highlight the importance of knowing and effectively using the tools at our disposal. A task that could be time-consuming or impossible without the right approach became straightforward with the proper application of YouTube’s playback controls.

Regarding ethical considerations, this exercise may not have presented complex ethical dilemmas, but it does emphasize the importance of following guidelines provided in an investigation. In professional settings, these guidelines might come from clients, supervisors, or legal requirements. The instruction not to contact the artist also touches on an important distinction in OSINT between passive and active information gathering. Passive OSINT, which involves collecting publicly available information without direct interaction, is often preferred as it minimizes the risk of alerting the subject of an investigation or crossing legal/ethical boundaries.

These principles form the backbone of more complex OSINT investigations. As we continue to hone our abilities, exercises like this remind us that sometimes valuable information is out in the open, waiting for a skilled practitioner with the right tools to uncover it.

Acknowledgments

Thanks to Gralhix for creating these diverse and educational OSINT exercises. They continue to challenge practitioners at all levels, promoting growth and skill refinement in the OSINT community.

I invite readers to share their own experiences with similar OSINT challenges. How do you approach tasks that require frame-by-frame analysis of video content? What tools or techniques have you found most effective in uncovering hidden details in digital media? What are your OPSEC best practices and lessons learned?