Report an incident

Get 24/7 incident response assistance from our global team

Talk to sales

Just fill out the form, and our representative will contact you soon.

Join the Cybercrime Fighters Club

Please review the following rules before submitting your application:

1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.

2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.

Group-IB’s digital forensic experts presented the analysis of documents on the case involving Russian biathletes

Media Center Press Releases
March 3, 2020 · 2 min to read
Sergey Nikitin
Threat research

An international cybersecurity company Group-IB that specializes in preventing cyberattacks, has analyzed the documents under the signature of former Moscow anti-doping laboratory director Grigory Rodchenkov. These documents were presented during the hearings in the Court of Arbitration for Sport (CAS) on the case involving Russian biathletes Olga Vilukhina, Yana Romanova, and Olga Zaytseva. During the investigation, the experts established that the documents contained completely identical images with a signature on them, which were supposedly pasted to these documents from a different source. Similar conclusions have been reached by the British graphologists. This was reported by the lawyer of former biathletes, Alexei Panich, after the first day of CAS hearings in Switzerland.

The experts from international cybersecurity company Group-IB conducted digital forensic analysis of those files that were presented by the client a law firm, Herbert Smith Freehills CIS LLP. The files provided for analysis were: «Exhibit 43 Affidavit of Dr. Grigory M. Rodchenkov dated 12 November 2019.PDF» and «Exhibit R-64 Affidavit of Dr. Grigory M. Rodchenkov dated 22 February 2020.pdf». These files were presented as part of today’s CAS hearings.

Digital forensic examination, conducted by GIAC (Global Information Assurance Certification) certified analysts, revealed that these are two different files from digital forensic standpoint. They have different metadata, such as file size, PDF Version in which they were created, and etc. At the same time, forensic analysis established that page 16 of the PDF file «Exhibit 43 Affidavit of Dr. Grigory M. Rodchenkov dated 12 November 2019.pdf» and page 6 of the PDF file «Exhibit R-64 Affidavit of Dr. Grigory M. Rodchenkov dated 22 February 2020.pdf» contain exactly identical, from digital forensic standpoint, element that can be extracted an image with a signature.

These images have the same file size and hash value (unique fingerprints for files). Both images can be copied and extracted from the files. It is obvious that a person’s signature is always more or less the same, however, scanned signatures will always have minor differences. If the images with signatures are exactly identical, this means that this is most likely the same image, which was pasted to different documents or one image copied from one file and pasted to another.

Sergey Nikitin
Sergey Nikitin

Deputy Head of the Digital Forensics Lab at Group-IB

About Group-IB

Established in 2003, Group-IB is a leading creator of predictive cybersecurity technologies to investigate, prevent, and fight digital crime globally. Headquartered in Singapore, and with Digital Crime Resistance Centers in the Americas, Europe, Middle East and Africa, Central Asia, and the Asia-Pacific, Group-IB delivers predictive, intelligence-driven defense by analysing and neutralizing regional and country-specific cyber threats via its Unified Risk Platform, offering unparalleled defense through its industry-leading Cyber Fraud Intelligence Platform, Cloud Security Posture Management, Threat Intelligence, Fraud Protection, Digital Risk Protection, Managed Extended Detection and Response (XDR), Business Email Protection, and External Attack Surface Management solutions, catering to government, retail, healthcare, gaming, financial sectors, and beyond. Group-IB collaborates with international law enforcement agencies like INTERPOL, Europol, and AFRIPOL to fortify cybersecurity worldwide, and has been awarded by advisory agencies including Datos Insights, Gartner, Forrester, Frost & Sullivan, and KuppingerCole.

For more information, visit us at www.group-ib.com or connect with us on LinkedIn, X, Facebook, and Instagram.

Discover our podcasts to hear from leading voices on Masked Actors and Fraud Intel, where top cybersecurity experts share real-world experiences, emerging trends, and practical insights to help you stay one step ahead in the fight against cyber crime.

Read next
April 10, 2026
Group-IB becomes initial contributor to MITRE Fight Fraud Framework™ (F3)
March 19, 2026
Group-IB Partners with Copy Cat Group to Strengthen Intelligence-Led Cybersecurity Across East Africa
March 13, 2026
Group-IB Supports INTERPOL’s Operation Synergia III, Contributing Intelligence to Global Cybercrime Takedown
March 12, 2026
Group-IB Expands into the Americas with Launch of Digital Crime Resistance Center in Chile
March 3, 2026
Group-IB and Nebrija University Strengthen Cybersecurity Education Through MOU and Threat Intelligence Integration
February 26, 2026
Group-IB Partners with Savex Technologies to Advance Predictive Threat Intelligence and Cyber Fraud Protection Across India and SAARC
Go to all Press Releases →