Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

CSIS court-authorized botnet disruption on Canadian devices

Public Sector Action
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

CSIS used a judge-authorized threat reduction warrant to disrupt two foreign-run botnets on Canadian devices, marking the service's first use of those powers in this way. The action let the agency alter, degrade, destroy, and disconnect botnet data on servers, SOHO routers, and IoT gear on Canadian soil. The Federal Court released a public version of the ruling on June 15, 2026, after granting the warrant on May 1, 2024. The ruling matters because the court found the threat to Canada clearly established and imminent and tied the operation to national-security risk.

Related Happenings

Foreign-run botnets relaying traffic through infected Canadian devices

Malware Activity
H score22 First: 22.06.2026 12:11 Last: 22.06.2026 12:11 Sources 1

How related: The two botnets ran the standard relay playbook. A command tier issued the orders; a layer of infected devices relayed the traffic.

About this happening: The public ruling confirms **two foreign-run botnets** used **infected Canadian devices** as traffic relays, a setup that can conceal probing of **critical infrastructure, governm...

Open Happening

Xu Zewei extradited for U.S. cyberespionage prosecution

Law Enforcement
H score57 First: 27.04.2026 22:56 Last: 27.04.2026 22:56 Sources 1

About this happening: **Xu Zewei** was **extradited from Italy to the United States** to face criminal charges in a **cyberespionage** case tied to **China's MSS**. The move expands the legal exposure...

Open Happening

Section 702 reauthorization and privacy limits debate

Regulatory/Legal (General)
H score20 First: 15.04.2026 13:25 Last: 15.04.2026 13:25 Sources 1

About this happening: Congress is set to debate **Section 702** reauthorization as the surveillance authority nears expiration, a move that could reshape U.S. access to overseas communications and inci...

Open Happening

John Daghita arrest in Saint Martin USMS crypto-theft case

Law Enforcement
H score22 First: 05.03.2026 20:36 Last: 05.03.2026 20:36 Sources 1

About this happening: **John Daghita** was **arrested on Saint Martin** in a **joint FBI/French Gendarmerie operation**, escalating a cybercrime case tied to an alleged **$46 million cryptocurrency the...

Open Happening

U.S. State Department and OFAC sanction Operation Zero over trade secret theft

Regulatory/Legal Action
H score28 First: 25.02.2026 10:49 Last: 25.02.2026 10:49 Sources 1

About this happening: The **U.S. State Department** and **OFAC** imposed sanctions on **Operation Zero**, **Sergey Sergeyevich Zelenyuk**, and **STS** under **PAIPA**, escalating pressure on a cyber-ex...

Open Happening

Timeline

  1. 22.06.2026 12:11 1 articles · 3h ago

    Federal Court authorizes CSIS to disrupt foreign-run botnets on Canadian devices

    Legal Policy Action Update

    Justice Catherine Kane granted CSIS a threat reduction warrant allowing the service to alter, degrade, and destroy botnet data on Canada-based servers, SOHO routers, and IoT devices on Canadian soil and cut those devices loose from the networks.

    Show sources
    Open in new tab
  2. 22.06.2026 12:11 2 articles · 3h ago

    Federal Court releases public ruling on CSIS botnet disruption warrant

    Initial Disclosure

    The Federal Court released a public version of the ruling that made CSIS's threat reduction warrant public and confirmed the remote disruption of two foreign-run botnets on Canada-based servers, SOHO routers, and IoT devices.

    Show sources
    Open in new tab