Canada’s telecom regulator has executed its first warrant to take down a Toronto-based malware server that infected computers in 190 countries worldwide.
The move was part of a co-ordinated effort by the Federal Bureau of Investigation, Europol, Interpol, Microsoft Inc., the Royal Canadian Mounted Police (RCMP), Public Safety Canada and the Canadian Cyber Incident Response Centre, said Manon Bombardier, chief enforcement officer with Canadian Radio-television and Telecommunications Commission (CRTC).
Bombardier said because of the ongoing investigation she could not provide any specific information about the police raid and the company or individuals targeted by the warrant.
The CRTC launched the investigation after it was informed about an international botnet, a remotely controlled network of computers, that was active in about 190 countries including Canada, Bombardier said.
“In order to enter the place where the server was located, we needed to get a warrant to search the premises,” Bombardier said.
The Toronto server acted as a command-and-control point for the Win32/Dorkbot malware, a family of related computer worms that spread through USB keys and instant messaging services and can steal usernames and passwords by watching your online activity, she said.
A computer infected with Dorkbot can also download other malware and compromise a system further.
“These are very egregious botnets that are used for illicit activities and can lead to identity theft and fraud,” said Bombardier. “ This operation shows that partnerships between domestic and international law enforcement agencies are key in the fight against transnational cyber threats.”
For reasons beyond our control, and for an undetermined period of time, our comment section is now closed. However, our social networks remain open to your contributions.