Canadian malware spreader gets 2 years in prison

A Canadian court handed down a two-year prison sentence to a man who admitted coordinating ransomware and malware attacks on private citizens, businesses and government agencies.

Matthew Philbert, 33, pleaded guilty in October of last year to charges of fraud and unauthorized access to computers after his arrest in 2021 in Canada. Investigators found more than 1,100 victims total.

At the sentencing on Friday in the Ontario Court of Justice, prosecutors noted that Philbert’s attacks sometimes led to thousands of dollars in fraud, according to the CBC, including one incident in which he stole more than $10,000 from a family-run business.

Other targets included three Canadian police departments and the Ronald McDonald House charity in Halifax, Nova Scotia, reported the Ottawa Citizen.

Based in Ottawa, Philbert was captured after an investigation involving Ontario police and the FBI’s Anchorage, Alaska, bureau. An Alaska federal court issued a separate indictment at the time.

The U.S. case alleged Philbert had “attempted to cause damage without authorization to a protected computer owned by the State of Alaska” in 2018, potentially affecting medical data.

Philbert typically sent phishing emails with documents that looked like resumes but actually loaded malware that allowed for full control of a victim’s computer, reports said.

Canadian and U.S. authorities have not identified his co-conspirators.