Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

https://thehackernews.com/2026/06/canadas-spy-agency-used-first-of-its.html

Publish Date: 2026-06-22 05:11:00

Source Domain: thehackernews.com

Canada’s spy service got a judge’s permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets.

The Federal Court released a public version of the ruling on June 15. It is the first time the Canadian Security Intelligence Service has used its threat reduction warrant powers this way.

The warrant let CSIS alter, degrade, and destroy botnet data on the infected machines and cut the devices loose from the networks.

The targets were Canada-based servers, small office and home office (SOHO) routers, and Internet of Things devices: Ring doorbells, security cameras, TVs, and other Wi-Fi-enabled appliances.

Justice Catherine Kane granted the warrant on May 1, 2024, renewed it that August, and issued the confidential reasons in February 2026. The warrant stayed out of public view for more than two years, until this month’s redacted release.

CSIS needed the order because the cleanup would likely have been a crime without it. Reaching into someone else’s device and wiping data is computer mischief under the Criminal Code, so the Service needed a judge’s sign-off before touching the machines.

The court found the threat to Canada clearly established and imminent, and the measures necessary, reasonable, and proportional. It stressed the operation went after devices, not people: no user identities sought, no content intercepted, any personal data swept up incidentally destroyed.

The two botnets ran the standard relay playbook. A command tier issued the orders; a layer of infected devices relayed the traffic. By routing through hijacked Canadian hardware, a foreign state can make its traffic look like it comes from an ordinary connection, a home worker, or an ISP customer, while it probes critical infrastructure, government, and military networks.

The owner of the infected doorbell gets left looking responsible for traffic they never sent. The court flagged the energy sector among the targets and warned that the adversaries…
