Malware Analysis: Botnets, Worms, Trojans, Viruses, & Rootkits
Whether your malware is resident in volatile memory (RAM) or persistently hidden somewhere in the file system or registry of your system, Atlantic Data Forensics has the computer forensics expertise to identify, and then mitigate or eliminate the cyber threat. What's often most important, though, is determining a piece of malware's capabilities (is it logging your keystrokes? searching for financial data? performing clickfraud?), when the infection started, and what systems may have been compromised. ADF has experience with answering these common malware questions, and more.
Atlantic Data Forensics works with a community of network monitoring, malware analysis, and intrusion investigation professionals to share information and stay current on the latest threat targets and methodologies. Our investigators bring years of experience and an understanding of a wide variety of cyber threats to the table to deal with, remediate, and report on even the most advanced cyber threats.
A botnet is a network of remotely controlled computer systems. Users of these systems (which can range from standard home laptops and computers to complex corporate assets) often have no idea their systems are infected. Most often, these "bots" (the infected computers) are used to send spam, click links to fraudulently earn advertising dollars for criminals (clickfraud), and launch distributed denial of service (DDoS) attacks. In other cases, though, they are used for gathering credit card data, banking information, and other information to perpetrate financial fraud. Botnets spread easily, and they became more feasible and useful thanks to the ubiquity of always-on internet connections. Remotely controllable computers with always-on broadband internet present a great value to the criminals who infect your systems.
Worms spread from one system to another without human interaction (e.g., without a person sending along an infected email). A single worm infection easily becomes many more. Worms can slow down computer systems through their usage of memory, and can lead to errors and system shutdowns, among other more dangerous payloads.
A rootkit is malicious software that gains powerful root-level access to the infected system and then hides its own existence, often by intercepting legitimate requests made by the operating system and programs and replacing the legitimate output with output of its own.
Atlantic Data Forensics can perform:
- Network traffic capture and inspection
- Static and dynamic malware analysis
- Spam record and email monitoring
- Honeypot setup and review
- Log file analysis
- Disk forensic techniques and artifact examination
- Review of feedback from any anti-threat software (IDS, IPS, etc.) already in place
- Volatile memory (RAM) analysis
- Malware reverse engineering
We’ll help you get cyber intruders out of your network and assist in setting up new defense strategies to keep your network secure. But minutes matter. If you believe you may be the victim of a potential attack, call ADF right now.