OTTAWA–GATINEAU – The CRTC has used its new anti-spam powers to pull the plug on a Toronto-based server distributing malware on the Internet.
The Commission said late Thursday that it served it’s first-ever warrant under Canada's anti-spam law (CASL) to take down a command-and-control server in Toronto as part of a coordinated international effort. The warrant was granted by a judge of the Ontario Court of Justice and was carried out with the assistance from the RCMP. The Federal Bureau of Investigation, Europol, Interpol, Microsoft Inc., Public Safety Canada and the Canadian Cyber Incident Response Centre were also involved in the investigation.
According to the CRTC, the server acted as a command-and-control point for the Win32/Dorkbot malware, a family of related computer worms that has infected more than one million personal computers in over 190 countries. Dorkbot spreads through USB keys, instant messaging programs, and social networks, and can steal usernames and passwords as well as join other infected computers in sending multiple requests to a specific server in the hopes of overwhelming its capacity to respond (known as a distributed denial of service attack).
The CRTC does not comment on active investigations, nor does it name the individuals or companies under investigation.
“We are pleased to work alongside our partners during this investigation to mitigate the harm caused to Canadians and citizens in other countries by Dorkbot”, said CRTC chief compliance and enforcement officer Manon Bombardier, in a statement. “These are very egregious botnets that are used for illicit activities and can lead to identity theft and fraud. This operation shows that partnerships between domestic and international law enforcement agencies are key in the fight against transnational cyber threats.”
