{
	"id": "09b87367-3c91-4670-af32-11e6304ab6b5",
	"created_at": "2026-04-06T00:14:14.606398Z",
	"updated_at": "2026-04-10T03:23:51.617983Z",
	"deleted_at": null,
	"sha1_hash": "510890fef482a9ed3a97111b6f3e72b4f1aa82d5",
	"title": "CRTC and RCMP National Division Execute Warrants in Malware Investigation",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 44241,
	"plain_text": "CRTC and RCMP National Division Execute Warrants in Malware\r\nInvestigation\r\nBy Canadian Radio-television and Telecommunications Commission\r\nPublished: 2019-03-28 · Archived: 2026-04-05 23:05:20 UTC\r\nYesterday, the CRTC and the Royal Canadian Mounted Police (RCMP) National Division each executed a warrant\r\nat a residence located in the Greater Toronto Area. The operation is part of an international coordinated effort with\r\nthe Royal Canadian Mounted Police (RCMP), the Federal Bureau of Investigation and the Australian Federal\r\nPolice.\r\nMarch 28, 2019 – Gatineau – Ottawa - Canadian Radio-television and Telecommunications Commission (CRTC)\r\nYesterday, the CRTC and the Royal Canadian Mounted Police (RCMP) National Division each executed a warrant\r\nat a residence located in the Greater Toronto Area. The operation is part of an international coordinated effort with\r\nthe Royal Canadian Mounted Police (RCMP), the Federal Bureau of Investigation and the Australian Federal\r\nPolice.\r\nThe warrants were obtained as part of ongoing parallel investigations into Remote Access Trojan (RAT)\r\ntechnology. This type of malicious software (malware) enables remote access to Canadian computers, without\r\ntheir users’ consent and can lead to the subsequent installation of other malware and theft of personal information.\r\nTips from international private cyber security firms triggered the investigation.\r\nThe CRTC does not comment on active investigations, nor does it name the individuals or companies under\r\ninvestigation. Further information will be communicated when the investigation is concluded.\r\n“The execution of this warrant illustrates how our enforcement efforts are focused on online malicious activities.\r\nWe strive to protect Canadians from online threats, and this lengthy and complex investigation is an example of\r\nour commitment. We are grateful for the instrumental collaboration we obtained from our domestic and\r\ninternational partners in this case.”\r\nSteven Harroun, Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications\r\nCommission\r\nThe CRTC executed a warrant under Canada's Anti-Spam Legislation (CASL) and the RCMP National\r\nDivision executed a search warrant under the Criminal Code respectively.\r\nThe RCMP National Division Cybercrime Investigative Team is currently leading the Criminal Code\r\ninvestigation in Canada.\r\nThe CRTC is committed to working with partners in the public and private sectors to enhance information\r\nsharing, improve target identification and coordinate operational responses.\r\nhttps://www.canada.ca/en/radio-television-telecommunications/news/2019/03/crtc-and-rcmp-national-division-execute-warrants-in-malware-investigation.html\r\nPage 1 of 2\n\nWith the assistance of domestic and international partners, the CRTC investigates alleged violations under\r\nCASL.\r\nInformation collected by the Spam Reporting Centre is used by the CRTC, the Competition Bureau and the\r\nOffice of the Privacy Commissioner to enforce CASL.\r\nCanadians and private entities are encouraged to report spam, malware and other electronic threats to the\r\nSpam Reporting Centre.\r\nTo protect your devices against online threats, consult the Canadian Centre for Cyber Security.\r\nCASL protects Canadians from online threats while ensuring businesses can continue to compete in the\r\nglobal digital marketplace.\r\nSource: https://www.canada.ca/en/radio-television-telecommunications/news/2019/03/crtc-and-rcmp-national-division-execute-warrants-in-ma\r\nlware-investigation.html\r\nhttps://www.canada.ca/en/radio-television-telecommunications/news/2019/03/crtc-and-rcmp-national-division-execute-warrants-in-malware-investigation.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.canada.ca/en/radio-television-telecommunications/news/2019/03/crtc-and-rcmp-national-division-execute-warrants-in-malware-investigation.html"
	],
	"report_names": [
		"crtc-and-rcmp-national-division-execute-warrants-in-malware-investigation.html"
	],
	"threat_actors": [
		{
			"id": "d90307b6-14a9-4d0b-9156-89e453d6eb13",
			"created_at": "2022-10-25T16:07:23.773944Z",
			"updated_at": "2026-04-10T02:00:04.746188Z",
			"deleted_at": null,
			"main_name": "Lead",
			"aliases": [
				"Casper",
				"TG-3279"
			],
			"source_name": "ETDA:Lead",
			"tools": [
				"Agentemis",
				"BleDoor",
				"Cobalt Strike",
				"CobaltStrike",
				"RbDoor",
				"RibDoor",
				"Winnti",
				"cobeacon"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434454,
	"ts_updated_at": 1775791431,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/510890fef482a9ed3a97111b6f3e72b4f1aa82d5.pdf",
		"text": "https://archive.orkl.eu/510890fef482a9ed3a97111b6f3e72b4f1aa82d5.txt",
		"img": "https://archive.orkl.eu/510890fef482a9ed3a97111b6f3e72b4f1aa82d5.jpg"
	}
}