successful incident investigations in Russia and Europe
of all high-profile investigation cases in the field of high-tech crime in Russia are supported by Group-IB experts
was returned to a client company
as the result of our investigation
DDoS attack investigation in Russia was conducted by Group-IB specialists in 2009
Any illegal action where a computer or digital media was used an instrument of crime can be investigated by our specialists. We identify the mechanisms, recreate the sequence of events, collect digital evidence, all leading us to the perpetrators of the crime to help bring them to justice.
The main goal of our investigation is to bring the perpetrators to justice. If necessary, we will continue to be involved in the case until a sentence is carried out, by consulting with lawyers, investigation officers, or providing testimony in court.
From our criminal investigative experience, we have deep knowledge of criminal schemes ranging from recruiting insiders and developing malicious programs to withdrawing and cashing out money, which enables us to immobilize the attackers before the businesses suffer major damage.
Each investigation is conducted by a special project team of experts. The data collection, search and analysis are performed by our specialists in the following areas:
Cyber intelligence analysis provided by Group-IB’s
Intelligence system, a network of honeypots HoneyNet, and innovative products developed by Group-IB enable us to see the complete picture of an incident, which is inaccessible to our competitors.
We leverage close cooperation with international law enforcement agencies to get the criminals, wherever they hide. On June 17, 2015 Europol’s European Cybercrime Centre (EC3) signed an MoU with Group-IB in order to establish cooperation in fighting cybercrime.
We are proud of our close cooperation with Interpol. During one of our recent joint operations Group-IB contributed to a series of actions as a part of an international police operation to disrupt the Dorkbot botnet server which was responsible for spreading malware designed to steal victim’s credentials for their online banking services.
Our clients can rely on our expert investigation as well as prompt assistance: CERT-GIB will help deal with the consequences of the incident while the Audit Department will protect your system from future attacks.
Asset and intellectual property misappropriation, products counterfeiting etc.
Espionage, raiding, commercial data breach and other abuse
Money theft, illegal use of brand and other crimes
Group-IB’s Lab has more than ten years of experience collecting and preserving digital evidence. We know what and how to search for on any data storage device, even if the data has been removed, hidden or encrypted.
We apply the most advanced equipment, software, and well-known Russian and foreign cyber forensic products to identify and collect evidence.
We use a set of mobile forensic tools to carry out a scene inspection and perform investigation activities, which enables us to collect evidence without affecting data integrity (preserving the data carrier in the evidence base) and conduct express on-site investigation.
In addition to the information itself the forensic analyst needs to know the history of data creation, access and use. We have developed innovative solutions which enable us to recreate criminal events second-by-second and discover malicious files, which antivirus cannot detect.
Malicious programs are analyzed by our special virus analysis division, whose primary function is to detect and preserve trails which lead to developers and operators of the attack.
Synergy of Group-IB forensic specialists and virus analysts’ activity provides prompt, complete and, most importantly, high-quality investigation.
Our high-quality expertise has gained the confidence of corporate clients and international law enforcement agencies.
Group-IB’s Lab is the only laboratory in Russia which specialists are certified by GIAC in Digital Forensics and Malware Analysis. Our expert results are guaranteed to be accepted as evidences both in Russian and foreign courts.
Group-IB cooperates on an international basis with Law Enforcement, sharing our unique investigative
capabilities with Interpol, Europol and national police worldwide. Group-IB has conducted the following
investigations into cyber criminal groups, leading to arrests or decrease in criminal activity: