Get a Quote24X7 Hotline
Incident Response and Litigation Support

Malware and Advanced Persistent Threat Detection

Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.
Contact Us

Explore Cyber and Data Resilience

Cyber Insights
Cyber Case Studies
Cyber Awards

When sensitive information is compromised by malicious software, knowing how it works and what it’s capable of doing is crucial to an effective incident response.

Malicious software attacks that succeed in infiltrating a company’s network pose a strong threat to commercial and public sector interests. At Kroll, we help organizations identify and analyze suspected malware to determine exactly what it was – or was not – capable of doing.

Understanding the Threat From Viruses and Spyware

No antivirus or anti-malware product can identify and stop 100 percent of malicious code from penetrating or activating inside your IT network. If you suspect malware caused a data breach or other information security incident, it is vital to quickly understand the scope of the malware impact on your systems and identify any data loss. The only true way to do this is to look at the machine language code inside the malware. Most hackers use sophisticated software to make it hard to get to the actual code; they may even throw a layer of encryption into the equation. But it is possible to uncover that code to provide insight into the exact nature and scope of a breach incident. Kroll has developed solutions to quickly detect, analyze, and inactivate malware viruses.

Malware and Advanced Persistent Threats Analysis: Our approach

As advanced persistent threats continue to evolve in sophistication, Kroll continues to evolve in technology solutions and the ability to perform live system memory and forensic analysis. We have an expert team of information security consultants and network forensic analysts who are specially trained to identify the impact of unknown software code within your IT network. Through reverse engineering, we quickly examine hostile malware code to understand the program and define its functionality. Further analysis enables us to identify the scope and intent of advanced persistent threats, deepening your understanding so you can launch a more targeted and effective response.

Stay Ahead with Kroll

Data Collection and Preservation

Improve investigations and reduce your potential for litigation and fines with the strict chain-of-custody protocol our experts follow at every stage of the data collection process.

Data Collection and Preservation

Computer Forensics

Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.

Computer Forensics

24x7 Incident Response

Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.

24x7 Incident Response

Office 365 Security, Forensics and Incident Response

Digital forensic experts investigate hundreds of Office 365 incidents per year and help strengthen your security.

Office 365 Security, Forensics and Incident Response

Malware Analysis and Reverse Engineering

Kroll’s Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience, across all industries, to deliver actionable findings through in-depth technical analysis of benign and malicious code.

Malware Analysis and Reverse Engineering

Business Email Compromise (BEC) Response and Investigation

In a business email compromise (BEC) attack, fast and decisive response can make a tremendous difference in limiting financial, reputational and litigation risk. With decades of experience investigating BEC scams across a variety of platforms and proprietary forensic tools, Kroll is your ultimate BEC response partner.

Business Email Compromise (BEC) Response and Investigation
Explore Insights
Magecart Attacks: Prevention Tips and Security Best Practices
The Monitor

Magecart Attacks: Prevention Tips and Security Best Practices

October 28, 2024

by Dan Ryan, Michael Carulli

What is Magecart Malware and How to Protect Against It
CVE-2023-47246: SysAid On-Prem Software Zero-Day Vulnerability Exploited by CL0P Ransomware Group
Threat Intelligence

CVE-2023-47246: SysAid On-Prem Software Zero-Day Vulnerability Exploited by CL0P Ransomware Group

November 14, 2023

by George Glass, Keith Wojcieszek, Mikesh Nagar

SysAid On-Premise Software Zero-Day Used in Clop Ransomware Attacks
MOVEit Vulnerability Investigations Uncover Additional Exfiltration Method
Threat Intelligence

MOVEit Vulnerability Investigations Uncover Additional Exfiltration Method

July 24, 2023

by Steven Coffey, Josh Mitchell, Dan Cox

MOVEit Vulnerability Investigations Uncover New Hidden Exfiltration Method
Deep Dive into GOOTLOADER Malware and Its Infection Chain
Threat Intelligence

Deep Dive into GOOTLOADER Malware and Its Infection Chain

June 23, 2023

by Keith Wojcieszek, Ryan Hicks, George Glass

Deep Dive Gootloader Malware Infection Chain
Bloor Research: Managed Detection and Response - 2023 Market Update
Managed Detection and Response

Bloor Research: Managed Detection and Response - 2023 Market Update

February 27, 2023

by Mark Nicholls

bloor-managed-detection-response-2023-market-update
Rise of AI-Generated, Fake LinkedIn Profiles Raises Social Engineering Challenges
Cyber

Rise of AI-Generated, Fake LinkedIn Profiles Raises Social Engineering Challenges

October 28, 2022

by Isaiah Jensen, Caitlin Muniz, Amie Nguyen

Rise of AI-Generated, Fake LinkedIn Profiles Raises Social Engineering Challenges
News
Kroll Appoints Katherine Keefe to Lead Global Cyber Insurance Industry Capabilities
Press Release

Kroll Appoints Katherine Keefe to Lead Global Cyber Insurance Industry Capabilities

October 18, 2024
Kroll Announces Appointment of Katherine Keefe to Lead Global Cyber Insurance Capabilities
Kroll Becomes Relativity Gold Provider Partner
Press Release

Kroll Becomes Relativity Gold Provider Partner

September 19, 2024
Kroll Becomes Relativity Gold Provider Partner
Kroll Recognized in 2024 Gartner Market Guide for Digital Forensics and Incident Response Retainer Services for the Fifth Consecutive Year
Kroll in News

Kroll Recognized in 2024 Gartner Market Guide for Digital Forensics and Incident Response Retainer Services for the Fifth Consecutive Year

September 12, 2024
Kroll Recognized 2024 Gartner Market Guide DFIR Services
Kroll Expands AI Risk Consulting Services
Press Release

Kroll Expands AI Risk Consulting Services

August 27, 2024
Dan Rice

Kroll is headquartered in New York with offices around the world.

One World Trade Center
285 Fulton Street, 31st Floor
New York NY 10007
+1 212 593 1000
Sign up to receive periodic news, reports, and invitations from Kroll. Our privacy policy describes how your data will be processed.

More About Kroll

More About Kroll
© 2025 Kroll, LLC. All rights reserved. Kroll is not affiliated with Kroll Bond Rating Agency, Kroll OnTrack Inc. or their affiliated businesses. Read more.
Return to top