Company

Partners

Resources

Media Centre

Products

Services

Overview

Prevention

Response

Investigation

Report an incident

Contacts

Singapore+65 3159-3798

Amsterdam+31 6 225-080-98

Moscow+7 495 984-33-64

Hanoi+8 486 942-13-56

Kuala Lumpur+60 330-99-50-91

General inquires info@group-ib.com

24/7 incident response supportresponse@cert-gib.com

Report an incident

Digital Forensics and Malware Analysis

Evidence that fights back. Our forensic and malware analyses have helped victims of infamous hacker groups come out as victors in courts of law. Our experts can do the same for your company.

Get help now

Industry leader in digital forensics

17 years of expertise in e-discovery and malware analysis

1,000+ successful investigations around the globe

Proprietary training course, acclaimed by INTERPOL & Europol

Group-IB’s evolution

The company has developed from a cyber detective agency and maintained a goal-oriented approach. We take responsibility for obtaining the data you need to pursue attackers and come out victorious in courts of law.

Our pool of data sources and proprietary investigational tools allow us to work on complex and knowledge-intensive cases. We boast unparalleled expertise when it comes to dealing with threats from the Russian-speaking world.

Valery Baulin

Head of Digital Forensics Lab

Multiple levels of analysis

Benefit from additional levels of evidence analysis: world-class Threat Intelligence & Attribution and cutting-edge technologies to investigate the tactics and infrastructure involved in attacks.

Team reinforcement

Work with trusted advisors you can turn to in any situation: whether it is a one-time request for expertise, ongoing support in an investigation, or help obtaining evidence for a court case.

Our Laboratory provides a full range of high-expertise services

Digital Forensics

Mobile forensic systems to ensure that information for forensic examinations, initiated independently or by law enforcement agencies, is correctly seized and copied

Learn more

Mobile forensic systems for correct seizure and copying of information for forensic examinations initiated independently or by law enforcement agencies

Advantages of Group-IB forensic examinations:

We extract the maximum amount of useful information from objects under examination and interpret the collected evidence accurately and comprehensively.
We guarantee that the opinions of our forensic specialists will be accepted by courts as adequate evidence for civil, administrative and criminal proceedings.
All the examinations are conducted within the time limits specified when the materials are submitted for analysis.

Malware Analysis

Unique tools for detecting malware and traces of hacker attacks, including those among deleted and encrypted data

Learn more

Unique tools for detecting malware and traces of hacker attacks, including those within deleted and encrypted data

Group-IB analysts from the Forensic Laboratory use high-tech equipment to search for malware at the HDD firmware level. This allows revealing hidden subpartitions, where malicious programs hide from formatting and other traditional methods for disk cleaning.

We examine malware while taking into consideration confidentiality requirements, for example by blocking any network interactions with harmful programs. We provide a comprehensive diagnosis and recommendations on further steps without additional risks.

Collection
of digital evidence

Correctly collected and documented digital evidence forms the basis for further investigation or case preparation for court proceedings

Learn more

Correctly collected and documented digital evidence base for further investigation or case preparation for the court

Close to 20% of in-house investigations face challenges during interactions with law enforcement agencies due to mistakes in digital evidence gathering and documentation. Group-IB’s forensic experts:

Provide preliminary consultations
Promptly visit the incident location
Determine the information sources for the evidence
Collect and document evidence in compliance with legal requirements
Prepare the documentation so that evidence is presented correctly
Consult with authorized representatives about measures required to stop the incident

How we can help you

Entrust the investigation to top tier experts

It can be difficult to attract in-house digital forensics specialistsand continuously develop their skills. Group IB’s experts are steeped in threat intelligence and can complement your team’s efforts anywhere in the world

Provide accurate information about the incident

We reconstruct incident timelines and provide insights into the motivation behind the attack and the level of employee involvement. Our work complies with government regulations, such as GDRP and CERT requirements.

Detect residual malicious code in your network

We help identify the scope of compromise correctly, detect all the affected devices, and clear the network. It is crucial to be certain that the incident response team did not overlook anything to prevent further attacks.

Put up actionable digital evidence

Specialists with 10+ years of experience collect digital evidence without affecting data integrity, then preserve and analyze it. This provides a basis and data for further investigations.

Help build a strong court case

Prepare your legal team and build your case for court. Our specialists are GIAC certified in Digital Forensics and Malware Analysis. Their reports are admissible in international courts.

Strengthen and educate your team

Add to the competences of your information security specialists by outsourcing malware analysis and forensic examinations. Leverage our advanced knowledge of digital forensics to train your team at the same time.

Proprietary educational course

Group-IB has successfully introduced and provided our forensic specialists with resources to support our work. The workshop was both enjoyable and highly informative.

Francisco Luis, Europol Cybercrime Centre – EC3 Cyber Intelligence Team

Develop new skills

Group-IB forensic specialists have developed an educational course that helps cybersecurity professionals hone their skills in areas ranging from evidence preservation and threat detection to reverse engineering.

200+ training sessions

Our specialists have trained law enforcement agencies, corporate security teams, and universities around the world, as well as experts within Group-IB’s official partners: INTERPOL and Europol.

Group-IB
Digital forensics and malware analysis

Analyze
malware rapidly and detects trails that lead to the attackers
Link and correlate
evidence with criminal
profiles
Recreate
timelines of the incident and motivations behind the attack
Support
every stage of evidence presentation and questioning, including during trials
Educate
professionals in digital
forensics
Gather and recover
evidence you can use for private investigations or in court

In synergy with Threat Intelligence & Attribution

Group-IB’s Threat Intelligence & Attribution is a state-of-the-art network that works in synergy with digital forensics. By juxtaposing evidence with the latest threat data, we speed up the research process and correlate cases with criminal profiles. This makes it possible to obtain some analysis results, such as preliminary malware data, within a few hours of the evidence being collected.

Huge database

100,000+ criminal profiles that can be matched to your case

Structured data

Security-related data has been relentlessly gathered since 2003

International recognition

Group-IB’s Threat Intelligence & Attribution is recognized in Gartner, IDC, and Forrester reports

Malware code analysisThorough malware analysis is vital when investigating complex attacks. Our analysts examine vast amounts of real malware samples daily and hold the internationally recognised GIAC certification in Digital Forensics and Malware Analysis. We regularly share threat research on the activities of infamous hacker teams, which is based on the findings of the malware analysis team.More Threat Research

Whitepapers

Mobile Forensics

The possibilities of mobile forensics: extraction, investigation, and crime solving

Request report

eDiscovery

Basics, methods and techniques of strategic digital evidence management

Request report

Mobile Forensics

The possibilities of mobile forensics: extraction, investigation, and crime solving

Request report

eDiscovery

Basics, methods and techniques of strategic digital evidence management

Request report

Thank you for your interest in our materials

Please enter your corporate e-mail address for downloading the whitepaper.

Partnerships and certifications

Official Еuropol (2015) and INTERPOL (2017) partner

Recommended by the Organization for Security and Cooperation in Europe (OSCE)

Certified by GIAC in Digital Forensics and Malware Analysis

We make sure you follow the right traces and do not overlook valuable evidenceContact us

Advanced protection against cyber threats

Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.

Threat
Intelligence

Аctionable, finished intelligence to track actors and prevent attacks before they happen

Threat Hunting Framework

Comprehensive solution to protect corporate network, hunt for threats and respond to even the most complex cyber attacks

Fraud Hunting Platform

Client-side fraud and attack prevention system for online banking, working across sessions, platforms and devices

Fraud Hunting Platform

Protection from bots, fraud and data leakage for e‑commerce and web portals

Get immediate assistance from the largest Forensic Laboratory in Eastern Europe.