Telegram OSINT VM Part 1
For my next blog I have decided to share my Telegram OSINT Virtual Machine. When I have a Telegram deployment I always use a dedicated virtual machine. I will never undertake research on Telegram using my perosnal device(s), accounts or personal identifiable information, either using the Telegram Web or Telegram Desktop is preferred over using a mobile.
What I am about to explain may not apply to everyone depending on what the aims, objectives are of your deployment and the people or groups that are of interest to you. I will start at the beginning of my process but feel free to take the parts that best suit your deployment. Don’t just copy what I do because it may not be suitable for you. This was going to be one blog however it ended up being longer than I had originally anticipated, so I decided to create 2 separate blogs.
I build my Telegram OSINT VM using Ubuntu 22.04 LTS, this can be download from the official Ubuntu website. https://ubuntu.com/download/desktop. Do not be tempted to download it from other third party sites.
Whether you choose to use VMware of Virtual Box, it matters not and that can be a personal decision based on what resources you have available to you. These are the only two virtualisation software that I use. I am sure that what follows will differ little, if you use a different virtualisation software.
I am not going to run through how to install Ubuntu, but feel free to view the below video links, for VMware and Virtual Box:-
· VMware – https://www.youtube.com/watch?v=cjO_hiocu30
· Virtual Box – https://www.youtube.com/watch?v=zHwFtyxJsog
If English is your first or second language this provides us with a perfect OPSEC opportunity. That said other international languages also provide similar opportunities. French, Spanish & Russian etc are spoken all over the world. I always obfuscate my location. It is no secret that I am based in the UK. I will tend to use an IP, time zone and keyboard settings from an English speaking country for setting up my VM. I use similar obfuscation methods when using a mobile.
For this deployment I have decided that I am going to use the USA as my obfuscation country. It is important that you have an active VPN. Again this is a personal choice depending on the resources you have. A paid for subscription with a no logs provider is the preferred choice.
I suppose it goes without saying that we need to pick a USA server in my case, Fig 1.0.
Fig 1.0
As you can see from the below screen captures, Fig 1.1, when I go through the installation process the default setting is the USA keyboard. This is perfect and suits my obfuscation needs.
In Fig, 1.2, I set my time zone as, Chicago in the US.
Once you have installed Ubuntu and rebooted the machine the rest of the settings I ignore with the exception of location and Canonical feedback which I disable.
We have installed our fresh Ubuntu desktop. Even though we told Ubuntu to adhere to certain privacy setting during the set-up, we should double check them. When I went through the set-up process I disabled the following setting Fig 1.3.
However within the privacy settings the diagnostic setting is set to manual, so we will turn that off completely, Fig 1.4.