GATINEAU – The CRTC today levied a $100,000 fine to John Paul Revesz and Vincent Leo Griebel, who were partners operating under the business name Orcus Technologies, for developing, selling and promoting malware.
An additional penalty of $15,000 was issued to John Paul Revesz “for operating a secure dynamic domain name service that was allegedly used by hackers to communicate with a variety of infected machines,” reads the press release.
The Commission investigation found Orcus Technologies marketed and sold a Remote Administration Tool under the name Orcus RAT, and concluded this tool was in fact malware. It was a Remote Access Trojan which enabled hackers to install the program and take full control of a victim's computer without their consent or knowledge.
By marketing and offering these products and services, Revesz and Griebel aided in the commission of numerous violations of Canada's anti-spam legislation. It’s estimated this Orcus RAT malware has infected thousands of computers worldwide.
"We are pursuing our efforts to intervene in online threats that compromise Canadians' personal information and disrupt their online activities. By working closely with our partners, we were able to take down this cyber threat. I'd like to thank the RCMP National Division and the threat researchers at Palo Alto Networks for their collaboration and assistance,” said Steven Harroun, the CRTC’s chief compliance and enforcement officer.
The alleged violators now have 30 days to pay the penalty or challenge the notice of violations and penalties before the Commission.
The CRTC collaborated closely with domestic and international partners – including investigators within the RCMP, the Federal Bureau of Investigation (FBI) and the Australian Federal Police (AFP) – to successfully conclude this case, adds the release. The cybersecurity company Palo Alto Networks provided critical information to assist the CRTC in its investigation.
