As a business or private computer or mobile device user, it is quite a shock to discover that your computer or mobile phone has been hacked. This can compromise your identity, banking details, private pictures and sensitive information such as title deeds or other personal or business information which can be used to steal your personal or business identity and use your good credit rating and reputation to their own benefit and cause serious damage.
Hackers are becoming more and more sophisticated nowadays, going after not just the big targets but also smaller companies and individuals. This means that even though you might not be a big corporation with a high-end IT department, they can still get to you. That’s why it’s important to know how to figure out if you have been hacked before it gets worse. Computer forensics examinations are aimed to find hacking attempts of computers, mobile phones and other digital devices with an operating system. Computer Forensics Lab experts can forensically examine your device for any potential hack and breach such as rootkits, trojans, malware and infected system files, find the evidence, analyse it and document our findings in an authoritative, legally-compliant computer forensics report. In cases where a computer is suspected of being hacked, we will utilise all our expertise and our advanced digital forensic tools in order to find and identify the hackers.
The forensic findings can include but not limited to IP address of the computer or mobile phone they used together with all the associations with their user names, emails addresses, GPS information, wired or wireless network and so on. Other information can include the location, the VPNs, platforms used as well as any pseudonyms and fake IDs they have used to hide their tracks. For example, in Microsoft Windows-based computers, the digital forensic expert, among other things, may analyse numerous sources such as registry, event logs and memory dumps in order to find traces typical to various tricks used by hackers to penetrate the client’s computer system. In this particular case, the expert will look at various artefacts located inside Amcache, Shimcache, Syscache, BAM/DAM, AppInit DLLs, change of default file association, scheduled tasks, remote connections (RDP, Remote Connection, TeamViewer, RATs and others), start-up tasks, browser extensions and so on in order to detect and discover any suspicious connections, malware, rootkits or scripts and analyse their behaviour.