Malware and Advanced Persistent Threat Detection

Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.


When sensitive information is compromised by malicious software, knowing how it works and what it’s capable of doing is crucial to an effective incident response.

Malicious software attacks that succeed in infiltrating a company’s network pose a strong threat to commercial and public sector interests. At Kroll, we help organizations identify and analyze suspected malware to determine exactly what it was – or was not – capable of doing.

Understanding the Threat From Viruses and Spyware

No antivirus or anti-malware product can identify and stop 100 percent of malicious code from penetrating or activating inside your IT network. If you suspect malware caused a data breach or other information security incident, it is vital to quickly understand the scope of the malware's impact on your systems and identify any data loss. The only true way to do this is to look at the machine language code inside the malware. Most hackers use sophisticated software to make it hard to get to the actual code; they may even add a layer of encryption. But it is possible to uncover that code to provide insight into the exact nature and scope of a breach incident. Kroll has developed solutions to quickly detect, analyze, and inactivate malware.

Malware and Advanced Persistent Threats Analysis: Our Approach

As advanced persistent threats continue to evolve in sophistication, Kroll continues to evolve its technology solutions and its ability to perform live system memory and forensic analysis. We have an expert team of information security consultants and network forensic analysts who are specially trained to identify the impact of unknown software code within your IT network. Through reverse engineering, we quickly examine hostile malware code to understand the program and define its functionality. Further analysis enables us to identify the scope and intent of advanced persistent threats, deepening your understanding so you can launch a more targeted and effective response.

Connect with us

Jason N. Smolanoff
President, Cyber Risk
Los Angeles

Alan Brill
Senior Managing Director
Cyber Risk
