CRTC executes warrant in Ontario following malicious malware investigation

The Canadian Radio-television and Telecommunications Commission (CRTC) announced on Wednesday that it executed a warrant under Canada’s anti-spam legislation (CASL) at two locations in the Niagara region of Ontario.

The warrant – granted by a justice from the Ontario Court of Justice and executed with the assistance of police officers – was obtained as part of an ongoing investigation relating to the installation of malicious software (malware) and the alteration of transmission data, CRTC explained in a press release. The CRTC launched its investigation further to a lead from FireEye Inc., a vendor based in Milpitas, Calif. specializing in cyber threat protection and forensics.

“We are working to protect Canadians from online threats by pursuing those individuals and entities who violate Canada’s anti-spam legislation,” said Manon Bombardier, CRTC chief compliance and enforcement officer. “We are grateful for the assistance that FireEye Inc. provided which led to the execution of this warrant, and we will continue to work closely with our domestic and international partners in the fight against cyber threats.”

Related: CRTC serves its first-ever warrant under Canada’s anti-spam law

This is the second time a warrant has been executed since Canada’s anti-spam legislation came into force in 2014. The malware provisions came into force in January 2015. On Dec. 3, the CRTC announced the first-ever warrant to take down a command-and-control server located in Toronto as part of a coordinated international effort.

“With this effort, law enforcement agencies from around the globe have disrupted one of the most widely distributed malware families: Win32/Dorkbot,” the CRTC said at the time, noting that the malware family had infected more than one million personal computers in over 190 countries.

Win32/Dorkbot spreads through USB flash drives, instant messaging programs and social networks. Once a computer becomes compromised, it can be instructed to: steal passwords used for online banking and payments; download and install dangerous malware; and join other infected computers in sending multiple requests to a specific server in the hopes of overwhelming its capacity to respond (known as a distributed denial of service attack).

The CRTC said that it does not comment on active investigations, nor does it name individuals or companies under investigation.