Digital Forensics and Malware Analysis

Evidence that fights back. Our forensic and malware analyses have helped victims of infamous hacker groups come out as victors in courts of law. Our experts can do the same for your company.


The largest digital forensic laboratory in Eastern Europe 

15 years of expertise in e‑discovery and malware analysis 

1000+ successful investigations around the globe

Proprietary training course, acclaimed by Interpol & Europol

Group-IB’s evolution

The company has developed from a cyber detective agency and maintained a goal-oriented approach. We take responsibility for obtaining the data you need to pursue attackers and come out victorious in courts of law.

Our pool of data sources and proprietary investigational tools allow us to work on complex and knowledge-intensive cases. We boast unparalleled expertise when it comes to dealing with threats from the Russian-speaking world.

Valery Baulin

Head of Digital Forensics Lab

Multiple levels of analysis

Benefit from additional levels of evidence analysis: world-class Threat Intelligence and cutting-edge technologies to investigate the tactics and infrastructure involved in attacks.

Team reinforcement

Work with trusted advisors you can turn to in any situation: whether it is a one-time request for expertise, ongoing support in an investigation, or help obtaining evidence for a court case.

Our Laboratory provides a full range of high-expertise services

Digital Forensics

Mobile forensic systems to ensure that information for forensic examinations, initiated independently or by law enforcement agencies, is correctly seized and copied


Advantages of Group-IB forensic examinations:

  • We extract the maximum amount of useful information from objects under examination and interpret the collected evidence accurately and comprehensively.
  • We guarantee that the opinions of our forensic specialists will be accepted by courts as adequate evidence for civil, administrative and criminal proceedings.
  • All the examinations are conducted within the time limits specified when the materials are submitted for analysis.

Malware Analysis

Unique tools for detecting malware and traces of hacker attacks, including those among deleted and encrypted data


Group-IB analysts from the Forensic Laboratory use high-tech equipment to search for malware at the HDD firmware level. This helps reveal hidden subpartitions where malicious programs hide from formatting and other traditional methods of disk cleaning.

We examine malware while taking into consideration confidentiality requirements, for example by blocking any network interactions with harmful programs. We provide a comprehensive diagnosis and recommendations on further steps without additional risks.

Collection of digital evidence

Correctly collected and documented digital evidence forms the basis for further investigation or case preparation for court proceedings


Close to 20% of in-house investigations face challenges during interactions with law enforcement agencies due to mistakes in digital evidence gathering and documentation. Group-IB’s forensic experts:

  • Provide preliminary consultations
  • Promptly visit the incident location
  • Determine the information sources for the evidence
  • Collect and document evidence in compliance with legal requirements
  • Prepare the documentation so that evidence is presented correctly
  • Consult with authorised representatives about measures required to stop the incident

How we can help you

Entrust the investigation to top tier experts

It can be difficult to attract in-house digital forensic specialists and continuously develop their skills. Group-IB’s experts are steeped in threat intelligence and can complement your team’s efforts anywhere in the world.

Provide accurate information about the incident

We reconstruct incident timelines and provide insights into the motivation behind the attack and the level of employee involvement. Our work complies with government regulations, such as GDPR and CERT requirements.

Detect residual malicious code in your network

We help identify the scope of compromise correctly, detect all the affected devices, and clear the network. It is crucial to be certain that the incident response team did not overlook anything to prevent further attacks.

Put up actionable digital evidence

Specialists with 10+ years of experience collect digital evidence without affecting data integrity, then preserve and analyse it. This provides a basis and data for further investigations.

Help build a strong court case
 

Prepare your legal team and build your case for court. Our specialists are GIAC certified in Digital Forensics and Malware Analysis. Their reports are admissible in international courts.

Strengthen and educate your team

Add to the competences of your information security specialists by outsourcing malware analysis and forensic examinations. Leverage our advanced knowledge of digital forensics to train your team at the same time.

 


Proprietary educational course

Group-IB has successfully introduced and provided our forensic specialists with resources to support our work. The workshop was both enjoyable and highly informative.

Francisco Luis, Europol Cybercrime Centre – EC3 Cyber Intelligence Team

Develop new skills

Group-IB forensic specialists have developed an educational course that helps cyber-security professionals hone their skills in areas ranging from evidence preservation and threat detection to reverse engineering.

200+ training sessions

Our specialists have trained law enforcement agencies, corporate security teams, and universities around the world, as well as experts within Group-IB’s official partners, Interpol and Europol.

Group-IB Digital forensics and malware analysis

  • Analyses malware rapidly and detects trails that lead to the attackers
  • Links and correlates evidence with criminal profiles
  • Recreates timelines of the incident and motivations behind the attack
  • Supports every stage of evidence presentation and questioning, including during trials
  • Educates professionals in digital forensics
  • Gathers and recovers evidence you can use for private investigations or in court

In synergy with Threat Intelligence

Group-IB’s Threat Intelligence is a state-of-the-art network that works in synergy with digital forensics. By juxtaposing evidence with the latest threat data, we speed up the research process and correlate cases with criminal profiles. This makes it possible to obtain some analysis results, such as preliminary malware data, within a few hours of the evidence being collected.

Huge database

100,000+ criminal profiles that can be matched to your case

Structured data

Security-related data has been relentlessly gathered since 2003

International recognition

Group-IB’s Threat Intelligence is recognised in Gartner, IDC, and Forrester reports

Malware code analysis

Thorough malware analysis is vital when investigating complex attacks. Our analysts examine vast amounts of real malware samples daily and hold the internationally recognised GIAC certification in Digital Forensics and Malware Analysis. We regularly share threat research on the activities of infamous hacker teams, which is based on the findings of the malware analysis team.

Partnerships and certifications

Official Europol (2015) and INTERPOL (2017) partner

Recommended by the Organization for Security and Cooperation in Europe (OSCE)

Certified by GIAC in Digital Forensics and Malware Analysis

Get immediate assistance from the largest Forensic Laboratory in Eastern Europe.

 


Report an incident

24/7 Incident Response Assistance +7 495 984-33-64
