Ransomware response and cyber extortion with ransomware decryption and bitcoins, LIFARS offers computer forensics New York in digital forensics laboratory for ransomware, digital forensics, Facebook hacking, iTwitter hacking, gmail hack, Computer Forensics New York LIFARS

LIFARS Computer & Digital Forensics New York Laboratory

The LIFARS New York City Lab was established in collaboration with the FBI, Department of Homeland Security, and US Secret Service to address all forms of cybercrime including ransomware, cyber extortion, computer forensics, digital forensics, incident response, celebrity hacking, Facebook hacking, cyber legal matters, insider threats, Twitter hacking, penetration testing, red teaming, gmail hacking, GDPR bitcoin payments, and cyber security maturity assessments.

Cyber Incident Response

For mission-critical systems, the LIFARS Incident Response Team is deployed to the local enterprise environment. The LIFARS digital forensics process then extends laterally to affected systems and potentially compromised endpoints in the network with high speed and precision.

Our mission is to minimize the threat surface, minimize the extent of the compromise, and minimize the damage associated with the cyber attack. Our network forensics process leverages our in-depth expertise from our highly advanced digital forensics investigations, combined with IoCs and TTPs from our proprietary knowledge base.

Forensics and Digital Investigations

Mobile forensics is an emerging trend in digital investigations, since almost every criminal is using portable devices. LIFARS digital forensics supports criminal and civil proceedings and follows established guidelines for processing electronically stored information. The cyberworld has fractured the physical barriers that shield nations, enterprises, and world citizens. Through cyberspace, threat actors target anything connected and exploit its weaknesses.

Digital forensics relies heavily on artifacts collected from compromised systems, recorded network communications, and digital evidence. The LIFARS team has performed evidence preservation, digital forensics collection, and forensics imaging for many domestic and international matters. The LIFARS Computer Forensics New York Laboratory's established methodology for detailed analysis and scientific examination is replicated in our field offices around the globe.

Mobile Forensics

A critical component of many forensic investigations is recognizing information and data from mobile devices, which includes cell phone forensics, mobile device forensics, iPad forensics, and others. LIFARS can answer questions about phone calls, various chat messages, images and video, and hidden stored artifacts. GPS geolocation and EXIF metadata stored on mobile devices can provide significant forensic value.

Methods for collection and examinations are constantly changing and the LIFARS Computer Forensics New York Laboratory is an industry trendsetter in the methodologies used.


Memory Forensics

Advanced threat actors are using memory implants, malware that resides and lives only in the memory of digital systems, to avoid leaving artifacts of compromise on the computer's hard disk drive. Many nation-state attacks leverage memory malware and covert operations to avoid detection. The LIFARS Computer Forensics New York Laboratory has developed a unique proprietary methodology to discover and investigate memory implants.

The LIFARS Incident Response Team has developed automated and expert manual processes for memory forensics, and state-of-the-art investigation techniques that are used to review every offset of memory for malicious program injections.



Network Forensics

Detecting malicious network traffic in intrusion detection systems and live network streams depends heavily on communication protocols and on the decoding and extraction of meaningful artifacts, metadata, and data. Network protocol forensics and automation of the process is done with MantOS, an operating system developed by LIFARS, which provides a comprehensive collection of proprietary and public domain tools.

The LIFARS Computer Forensics New York Laboratory developed methodologies to detect nation-state attacks in real time through network communication IoCs while additionally profiling malicious network traffic with Artificial Intelligence and Machine Learning algorithms.

LIFARS Computer Forensics New York Laboratory in Action

LIFARS developed advancements in malware analysis and blockchain forensics to combat the hacking of bitcoin wallets. When a fraudulent bitcoin payment is made, it is often processed by a “cryptocurrency mixer,” which splits the transaction into fragments and reassembles them at the end. New methods for blockchain transaction analysis were developed and tested in the LIFARS Computer Forensics New York Laboratory when LIFARS was investigating a real case of stolen bitcoins valued at close to 70 million USD.

The threat actor used TTPs very similar to those of a nation-state attacker and deployed Microsoft scripting and PowerShell command execution. Leveraging command and control infrastructure on the internet, the threat actors were able to abuse native operating system tools to perform exploration and lateral movement and to maintain persistence. The LIFARS Incident Response Team, with state-of-the-art knowledge and methodologies, was able to identify the actions of this sophisticated threat actor and provided evidence for prosecution.