Live OSINT Lesson: How Journalists Tracked Down an Internet Troll
Sherlock Holmes of the Digital Age
We often think that under a pseudonym on the X platform (formerly Twitter), we are invisible. Nothing could be further from the truth. The editorial team at Wirtualna Polska has just published an investigation that serves as a textbook example of using Open Source Intelligence (OSINT) in investigative journalism.
The goal was to identify the person hiding behind the aggressive account "Morgenstern616". How was this done? It wasn't magic, but tedious data analysis.
Step 1: Big Data and AI (SOCMINT)
First came quantitative analysis. Journalists analyzed over 75,000 posts. This is a goldmine of information.
- Profiling: Artificial intelligence helped filter neutral posts from the sea of hate. In these posts, the user revealed details about their life—e.g., that they live in the Opole Voivodeship, have family near Namysłów, or worked at a municipal office.
- History Verification: The troll's claims (e.g., "I studied with politician X in 2011-2013") were compared with actual student lists and public figures' biographies. Everything matched.
Step 2: Geolocation (IMINT)
This is where the real detective work begins. The user made classic "OpSec" (Operational Security) errors by publishing photos from their surroundings.
- View from the Window: A photo showing the panorama of Opole allowed investigators to pinpoint the specific apartment block (so-called militia housing estate) where the perpetrator lived.
- Neighborly Tip-off (Unconscious): A photo of a flag hung by a neighbor supporting a different political option allowed tracking down a specific property near Namysłów.
- Infrastructure: A photograph of a destroyed election poster on a specific utility pole allowed narrowing down the search area to a small town.
Step 3: Technical Errors and the "Human Factor"
Even the most sophisticated techniques are unnecessary when the target exposes themselves.
- The Dog: A classic of the genre. The exact same photo of a mongrel appeared on the anonymous hater's account and on the private Facebook profile of Kamil Rudziński. Remember: Your pets are unique and easy to link!
- Browser Avatar: On one of the screenshots the troll bragged about (showing AI capabilities), a Google avatar thumbnail with the letters "KR" was visible. An identical avatar (same font and colors) was assigned to an email address in the public CEIDG (Central Registration and Information on Business) registry.
- Visual Metadata: The same memes and graphics, with identical parameters, were posted on both accounts.
Conclusions
The WP investigation shows that in the digital age, every scrap of information we leave online is a piece of a puzzle. A view of clouds from a window or a photo of a dog is enough to connect the dots. For cybersecurity and OSINT specialists, this is proof that the weakest link always remains the human and their desire to show off online.
Source: Wirtualna Polska
See Also
- OSINT: A short guide to the art of Open Source Intelligence – See how to use the techniques described in this article step by step.
- Digital Fortress 2025: The Ultimate Privacy Guide – Learn how to protect your privacy so you don't become the target of a similar analysis.
Until next time, Aleksander
About the Author
Dyrektor ds. Technologii w SecurHub.pl
Doktorant z zakresu neuronauki poznawczej. Psycholog i ekspert IT specjalizujący się w cyberbezpieczeństwie.
Powiązane artykuły
Dzieci w Sieci 2025: Patostreamy, "Sleepy Chicken" i Prawo, które Karze Ofiary.
Liczba incydentów bezpieczeństwa z udziałem dzieci przebiła sufit – ponad 600 tysięcy zgłoszeń. Analizujemy dane NASK i Policji: od śmiertelnych wyzwań na TikToku, przez wyłudzenia w Robloxie, aż po dramatyczne luki prawne w sekstingu.
Vibe Coding: Rewolucja czy Rosyjska Ruletka? Mroczna strona programowania z AI
Wszyscy „czują vibe", ale nikt nie czyta kodu. Analizujemy zjawisko Vibe Codingu, plagę Slopsquattingu i to, jak AI po cichu degraduje bezpieczeństwo naszych aplikacji.
Dlaczego Twój VPN to za mało? Kompleksowa analiza anonimowości w cyberprzestrzeni
Zapomnij o prostym tunelowaniu. W świecie, gdzie sztuczna inteligencja czyta pakiety jak książkę, a switche sieciowe same korelują ataki, prywatność wymaga zmiany paradygmatu.
Komentarze
Ładowanie komentarzy...