A column of numbers appears on the screen, it's about formatting, HTML codes and the question of how file information changes when it is saved - or not: A so-called IT forensic scientist who traveled from Berlin said on Thursday at the trial about the " NSU 2.0" threatening letter at the Frankfurt district court.

Alexander Juergs

Editor in the Rhein-Main-Zeitung.

  • Follow I follow

There, Alexander M., an unemployed person from Berlin, is being tried.

The public prosecutor's office accuses him of having sent 116 right-wing extremist threatening letters, some with death threats, under the name "NSU 2.0".

They were sent to Frankfurt lawyer Seda Basay-Yildiz, cabaret artist Idil Baydar and left-wing politician Janine Wissler.

Alexander M. denies the deeds, although fragments of the threatening letters were found on a computer seized from him.

M. testified in court that he was part of a right-wing chat group on the Darknet, which police officers also belonged to.

The letters were coordinated there, but he tried to moderate the other chat participants.

The fragments of the threatening letters that were found on his computer only ended up there because he opened them on the Internet, on file-sharing portals.

The data was then automatically downloaded to his computer.

And now he should pay as a pawn for a crime that completely others had committed.

This is how Alexander M. puts it in court.

But how plausible is his explanation that the letters were saved when the documents were opened on the Internet?

The Berlin digital forensic scientist who works for the Federal Criminal Police Office should find out.

He evaluated digital traces on the hard drive of the computer that was secured at M.'s.

He presents his report as an expert in court.

This is often a complex matter, the judges have many questions, and the accused often digs deeper.

In any case, the IT forensic scientist could not find any proof that file-sharing portals were used via the computer, which could serve as proof for Ms' statement.

Nevertheless, he points out that the possibility that data could have been downloaded from a portal via the computer cannot be completely ruled out.

The investigator also looked at partial digital copies of the e-mails used to send the threatening letters, which can be found on the hard drive.

The letters were sent from the email address "tuerkensau@yandex.com", Yandex is a Russian Internet service provider.

In his analysis of the available data, the investigator is certain that Alexander M.'s computer was used to register with the mail provider on the Internet.

Doubts about the public prosecutor's thesis that M. is the sole perpetrator in the "NSU 2.0" case have often been expressed.

Just before the first threatening letter signed “NSU 2.0” was sent to Seda Basay-Yildiz, the lawyer's private data was accessed on a police computer in Frankfurt.

During the investigation, a right-wing extremist chat group within the police force was exposed.

The lawyer for the co-plaintiff also assumes that at least the first threatening letter was sent by a Frankfurt police officer.