CASL enforcers drive a stake through malware giant’s core

The RCMP has handed over a warrant to a Toronto-based address allegedly responsible for infecting over one million computers worldwide.
By Sonya Fatah
December 4, 2015

The CRTC wants businesses to know that it’s serious about anti-spam law enforcement.

The regulatory body announced yesterday that it issued its first warrant under the Canada Anti-spam Law (CASL). The warrant was the result of coordination among international bodies to shut down a Toronto-based command-and-control server. The Federal Bureau of Investigation, Europol, Interpol, Microsoft Inc., the Royal Canadian Mounted Police (RCMP), Public Safety Canada and the Canadian Cyber Incident Response Centre worked collaboratively on the case.

An Ontario Justice of the Peace issued the warrant, which was executed with the help of the RCMP.

Manon Bombardier, chief compliance and enforcement officer at CRTC, noted in a statement that the operation to take down Dorkbot emphasized the necessity of domestic and international partnerships to combat cyber threats, while protecting the interests of Canadian citizens as well. “We are pleased to work alongside our partners during this investigation to mitigate the harm caused to Canadians and citizens in other countries by Dorkbot. These are very egregious botnets that are used for illicit activities and can lead to identity theft and fraud.”

Authorities allege that the server – Wi32/Dorkbot – was among the world’s most widely distributed malware families and was responsible for infecting over one million personal computers across 190 countries. The malware was able to spread through USB flash drives, instant messaging programs and social networks. Infected computers’ passwords for online banking were compromised as a result. Together the infected computers were capable of launching a kind of mass attack by sending messages at once to a single server to prevent its ability to respond.  

CASL was passed into law in December 2010 and entered into force almost four years later in July 2014. On January 2015, an additional section pertaining to the unsolicited installation of software (or computer programs) also came into force.

CASL was also discussed at yesterday’s annual metrics meeting hosted by the Interactive Advertising Bureau of Canada where the annual Canadian Media Usage Trends report was launched. Paul Briggs, an analyst at eMarketer, identified CASL in his presentation as the most strict anti-spam legislation in the world. It “cast a chill over e-marketing spend,” he said, and caused many businesses to simply shut down their e-marketing efforts at first and e-marketing spend didn’t recover for six to nine months.

However, Briggs noted that the email metrics post-CASL’s implementation reveal that the legislation has been effective. He referenced results from a study undertaken eight months following CASL’s start, which showed that residents in Canada get 29%  less e-mail and that spam originating from Canada dropped by 37% as a result of CASL.

Recently Rogers Media was fined $200,00 for failing to comply with CASL. Other companies that have been sited are Compufinder, PlentyofFish and Porter Airlines.

As the investigation regarding the warrant is currently ongoing, no further details have been revealed.

Image courtesy of Shutterstock

 

 

Tags:


, , ,