When you think about high-profile hacking, you probably don’t think of Canada. (You may also know us as Less Important America.)
It’s fine, seriously—everyone knows that we’ve got a weird inferiority complex thing going on up here. Hell, even Canadians tend to forget about Canada when it comes to hacking and cybercrime. Remember the Ashley Madison hack? Avid Life Media, the company that owns Ashley Madison, is Canadian. Heartbleed, a serious bug in a widely-used encryption protocol on the web, which will likely leave computers vulnerable for decades? Most famously exploited in a Canadian government website hack, carried out by a Canadian teen.
But we definitely have our own thing going on in the snowy North when it comes to nefarious activities online, Trend Micro security researcher Natasha Hellberg wrote in a blog post on Tuesday; it’s just not talked about as much as what goes on in the US. So, she looked at some recent data and made some surprising findings about the current threat landscape in Canada.
According to Hellberg, adware toolbars that may download malware onto victims’ computers—and one in particular, OpenCandy—and banking information-stealing Trojans were some of the most serious threats in November 2015 in Canada. “Notably, there is one conspicuous absence: ransomware,” Hellberg writes. “Although ransomware currently a leading threat in the US, we did not see it as a particularly common threat in Canada [that month].”
Ransomware is a scam that locks users’ files until they pay a fee to the scammers, often in Bitcoin.
Watch more from Motherboard: The Lost Art of Canada's Doomed Pre-Internet Web
Canada’s underground market for stolen banking credentials, cards, and IDs, is also thriving, Hellberg writes, although “it is not as large or well-developed as other underground communities.” The most targeted bank, in terms of hackers trying to get user credentials, was Toronto Dominion bank (TD), by a mile. To be more precise, hackers tried to swipe information from TD customers more than twice as often as the next most popular bank: Bank of Montreal.
None of this is particularly surprising, as Microsoft’s own threat report on Canadian cybercrime in 2015 noted that users in the country encountered Trojan viruses and similar information-stealing malware at a much higher rate than ransomware—perhaps, in part, because the Canadian dollar is falling in value faster than you can say, “Legal weed.”
Hellberg also notes that the vast majority of malicious sites that affect Canadians aren’t actually hosted in Canada. “Looking at the November data, one thing is clear: the malicious site(s) that Canadians visit are predominantly hosted in the United States,” Hellberg wrote. “The number of ‘hits’ to malicious sites in the US is higher by one order of magnitude than any other country.”
Cool. Thanks a lot, US pals.