Notable Cases and Evidence Contribution

Below we highlight some of the notable breaches and security indictments which LIFARS worked on. Our team is available to provide expert witness testimony on cybersecurity issues.

LIFARS Law Enforcement Connection

Long-established relationships with law enforcement enable LIFARS to respond to incidents that require law enforcement intervention with speed and precision that distinguishes LIFARS from the competition.


Seven International Cyber Defendants, Including “Apt41” Actors, Charged In Connection With Computer Intrusion Campaigns Against More Than 100 Victims Globally.


Cryptocurrency Hack

A federal indictment was unsealed in early 2021 that charged three North Korean computer programmers with participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform. Given LIFARS’ reputation and expertise, LIFARS was called to respond to the initial system compromise, and provide incident response service, including gathered forensics evidence for US and international law enforcement agencies, including local state Digital Forensic Unit, US Secret Service, FBI, DHS, IRS, and Europol.

APT 10 Group

Two hackers associated with the Chinese government indicted for infiltrating numerous companies around the globe as well as U.S. government agencies. APT10, a Chinese state-sponsored hacking group working for the country’s Ministry of State Security. APT10 is also credited with compromising telecom firms around the world stealing client data and information China deems important.


In a joint operation, the Federal Bureau of Investigation (FBI) and authorities from several European countries have successfully taken down xDedic, a notorious dark web marketplace known for selling stolen digital goods such as login credentials, identity cards, and hacked servers.

SamSam Ransomware

A federal grand jury returned an indictment in Newark, New Jersey charging two men both from Iran, in a 34-month-long international computer hacking and extortion scheme.

Lazarus Group

North Korean Regime-Backed Programmer Charged With Conspiracy to Conduct Multiple Cyber Attacks and Intrusions. North Korean Hacking Team Responsible for Global WannaCry 2.0 Ransomware, Destructive Cyberattack on Sony Pictures, Central Bank Cybertheft in Bangladesh, and Other Malicious Activities.


  • We provide proprietary IOC’s and TTPs not available to your SOC.
  • Enhancement of your security team’s capabilities to get more value from your existing SOC.
  • Provide response to address your high and critical security alerts from our experienced forensics experts and incident response teams.
  • Optimized visibility into the nature of your alerts within the network.
  • Greater visibility into your network and pattern of threats you face, we can provide valuable insights on ways to improve your overall security posture.