The Canadian Radio-television and Telecommunications Commission (CRTC) is one of the key enforcement authorities in respect of Canada’s anti-spam law (CASL). CASL is broader than mere regulation of commercial electronic messages and also provides regulatory authority in respect of malware, and certain software and telecommunications activities. The CRTC cooperates with sister enforcement authorities in other countries.

The CRTC took action in respect of its authority in an internationally coordinated effort.

December 3, 2015, the CRTC served its first warrant under CASL to take down a command and control server located in Toronto, Ontario. This was part of a coordinated effort directed by law enforcement agencies in many countries at the Win32/Dorkbot malware family. The CRTC reports “Dorkbot spreads through USB flash drives, instant messaging programs, and social networks. Once a computer becomes compromised, it can be instructed to: steal passwords used for online banking and payments; download and install dangerous malware; and join other infected computers in sending multiple requests to a specific server in the hopes of overwhelming its capacity to respond (known as a distributed denial of service attack).”

The CRTC reports that this malware family has infected over one million personal computers in over 190 countries. The international enforcement effort is stated to have disrupted this widely distributed malware family.

In this investigation the CRTC worked closely with other organizations including the Canadian Cyber Incident Response Centre, Europol, the Federal Bureau of Investigation, Interpol, Microsoft Inc., Public Safety Canada and the Royal Canadian Mounted Police (RCMP).