Malware investigations

10+ years of experience in malware analysis, malware campaigns, and analysis of targeted attacks

It all started with Duqu and the interest in this field has been ongoing ever since. Our understanding of new attack trends and techniques helps us to better remediate security incidents for our clients. Our expertise is used by some of the largest antivirus companies and we are one of the most innovative members of the professional community.

What are you looking for?


Malicious documents

Today, everyone can be reached by (public) email, and working online has made this even more important as everyone works from home. In many cases, not technology is the bottleneck of vulnerability, but the human factor, and it is the easiest to exploit. A common type of attack is malicious files arriving as attachments in phishing emails (word, pdf and other typical office formats), which often download and launch a more complex malware. These can be prevented by early detection, proper preparation, user education etc.


A successful attack makes it impossible to use the computer or the whole system. Important data becomes inaccessible and the user is held for ransom. Some ransomware spreads to individual users, others attack in a smart, delayed manner, scanning the network and sharing themselves, causing much bigger problems, capable of crippling entire systems.

Information stealer trojan malware

These put the most sensitive customer data at risk. The data they obtain is traded or, in worse cases, directly harms the end user.

IoT malware

Malware written directly on a specific physical architecture, hardware; In OT systems, it can harm availability, which is the most important aspect here from the Availability-Integrity-Confidentiality dimensions. OT systems are not prepared for attacks, while more and more of them are being created and integrated, providing an ever larger attack surface. Neither the people nor the protocols support secure operation.


These are very well tested attacks. They target a specific device from a specific manufacturer. The bigger the market or state actors, the more likely they are to be subject to such attacks: in the case of critical infrastructures, it can be a means of exerting political pressure, of making competitors impossible to compete.


Our methods and work standards

Why choose us

We pick apart the malware that comes our way with scientific rigour and obsessive curiosity.

We are integrated in the international academic network of mad scientists and IT security communities.

We tailor the investigation process to the client's objectives.

We use in-depth analysis and reverse engineering techniques.

We make suggestions to avoid future incidents, we follow-up incidents as needed.

What you get

Educational, transparent and detailed report to upgrade your security posture

Professional excellence, customer oriented attitude

Follow-up, support, training and consulting as requested

Academic rigor and excellence in our job

All our results are delivered with business usability in mind