Officials with the Canadian Radio-television and Telecommunications Commission (CRTC) said they took down dark web marketplace Canadian HeadQuarters on Wednesday and fined four of those involved in the platform.
In a statement, CRTC chief compliance and enforcement officer Steven Harroun said Canadian HeadQuarters, also known and Canadian HQ, was "one of the largest Dark Web marketplaces in the world and significantly contributed to harmful cyber activity in Canada."
CRTC staff executed warrants in the greater Montreal area through 2020 and 2021 that led to the marketplace being taken offline. They also issued fines to Chris Tyrone Dracos, Marc Anthony Younes, Souial Amarak and Moustapha Sabir. Dracos was given a $150,000 fine, and the other three were given $50,000 fines.
Dracos, Younes, Amarak and Sabir are accused of sending phishing emails and violating Canada's anti-spam legislation. Dracos was given a higher fine because he is allegedly the "creator and administrator" of Canadian HQ.
"Some Canadians are being drawn into malicious cyber activity, lured by the potential for easy money and social recognition among their peers. This case shows that anonymity is not absolute online, and there are real-world consequences when engaging in these activities," Harroun said.
"Canadian Headquarters was one of the most complex cases our team has tackled since CASL came into force. I would like to thank the cyber-security firm Flare Systems, the Sûreté du Québec and the RCMP's National Division for their invaluable assistance. Our team is committed to investigating CASL non-compliance on all fronts."
CRTC explained that the marketplace allowed people to sell spamming services, phishing kits, stolen credentials and access to compromised computers. Since the country passed anti-phishing laws, they have issued penalties of more than $1.4 million.
Canadian officials noted that the investigation led them to uncover several other cybercriminal vendors and that more "enforcement actions" are planned.
On the same day, the US Department of Justice said Canadian Slava Dmitriev was sentenced to three years in prison for access device fraud after selling more than 1,700 stolen identities on the dark web. He was arrested in Greece while on vacation and was extradited to the US in January 2021.
"Dmitriev stole the identities of hard-working citizens of the United States and thought he was safe from prosecution while overseas," said Phil Wislar, Acting Special Agent in Charge of FBI Atlanta.
He went by the name "GoldenAce" and sold 1,764 items on AlphaBay for approximately $100,000, offering customers stolen names, dates of birth, social security numbers, and other personally identifiable information.