Website of Canadian Liquor Distributor LCBO Infected with Web Skimmer

The website of Canadian liquor distributor LCBO (Liquor Control Board of Ontario) was recently discovered to be infected with a web skimmer. This malicious code was designed to steal customers’ personal and payment card data during the checkout process. The security researchers at Sucuri, a cloud-based website security solutions provider, found that the attack was being operated by a group of threat actors identified as “LovGate.” When Sucuri analyzed the malicious code they were able to determine how the attackers were exfiltrating the stolen data. The code also included URLs pointing to other domains, which were used to obfuscate the malicious activities. The attack was primarily affecting customers located in the Northeastern province of Ontario. The malicious skimmer code is designed to prevent customers from benefiting from the normal checkout process, such as being able to cancel orders or return products. It does this by injecting malicious code directly into the website, which will then be executed when the customer completes their purchase. Once the code has been executed it will then extract personal information, such as billing and shipping addresses, as well as payment card details. It is not clear how long the malicious code had been active on the site before it was discovered. Sucuri has urged all customers who have visited the site between the time of the attack and the time it was discovered to check and make sure that their payment card details have not been stolen. They also recommend changing their passwords to prevent any further data from being stolen, as well as keeping a close watch over their online statements and credit reports to ensure that they are not impacted by any further fraudulent activities. SecurityWeek has reached out to LCBO for further comment but has yet to receive a response. It is not known at this time if the LCBO website has been completely cleaned of the malicious code or if the attackers have been able to steal any personal data.

This Cyber News was published on www.securityweek.com. Publication date: Sun, 22 Jan 2023 10:48:00 +0000

Cyber News related to Website of Canadian Liquor Distributor LCBO Infected with Web Skimmer

Website of Canadian Liquor Distributor LCBO Infected with Web Skimmer - The website of Canadian liquor distributor LCBO (Liquor Control Board of Ontario) was recently discovered to be infected with a web skimmer. This malicious code was designed to steal customers’ personal and payment card data during the checkout ...
2 years ago Securityweek.com

Ransomware Revealed: From Attack Mechanics to Defense Strategies - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com

OffSec Yearly Recap 2023 - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com

Unveiling the OWASP Top 10:2021 Learning Path - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com

The Essential Guide to Incident Response and Cyber Resilience - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com

Secure coding training for robust software 2024 - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
11 months ago Offsec.com

Cybersecurity training aligned with the MITRE ATT&CK framework - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
11 months ago Offsec.com

Cloud security training: Build secure cloud systems - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
11 months ago Offsec.com

Proactive Threat Detection: Introducing Threat Hunting Essentials - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Session HTTP cfuvid [x5] discord.comHubspotVimeozoominfo.com This cookie is a part of the services provided by ...
10 months ago Offsec.com

Canadian government discloses data breach after contractor hacks - The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees. These breaches occurred last month and impacted Brookfield Global Relocation Services and ...
1 year ago Bleepingcomputer.com

Infrastructure Hardening and Proactive Defense: The System Administrator's Toolkit - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Session HTTP cfuvid [x5] discord.comHubspotVimeozoominfo.com This cookie is a part of the services provided by ...
9 months ago Offsec.com

Monthly Threat Webinar Series in 2023: What to Expect - We firmly believe that the internet should be available and accessible to anyone and are committed to providing a website that is accessible to the broadest possible audience, regardless of ability. These guidelines explain how to make web content ...
2 years ago Trendmicro.com

Police Warn Hundreds of Online Merchants of Skimmer Infections - More than 400 online merchants were notified of digital skimmer infections in a coordinated international operation, Europol announced. Law enforcement agencies in 17 countries participated in this effort to identify infected ecommerce sites and ...
1 year ago Securityweek.com

Canada to ban the Flipper Zero to stop surge in car thefts - The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. The Flipper Zero is a portable and programmable pen-testing tool that helps experiment with and debug various ...
1 year ago Bleepingcomputer.com

LockBit administrator sentenced to almost four years in prison after guilty plea - An administrator for the LockBit ransomware gang has been sentenced to four years in prison after pleading guilty to eight charges in a Canadian court last month. Mikhail Vasiliev, a 34-year-old Canadian-Russian dual national, has been in legal peril ...
11 months ago Therecord.media

Latvia Reports Russian Hackers Attempted to Phish Its Ministry of Defence - Latvia has reported that Russian hackers attempted to phish its Ministry of Defence. To track user interaction with the website, 1 year HTTP SRM B Microsoft is used. JazzHR registers how the user has reached the website to enable pay-out of referral ...
2 years ago Bitdefender.com

New HeadCrab Malware Hijacks 1,200 Redis Servers - Since September 2021, over a thousand vulnerable Redis servers online have been infected by a stealthy malware dubbed "HeadCrab", designed to build a botnet that mines Monero cryptocurrency. At least 1,200 servers have been infected by the HeadCrab ...
2 years ago Heimdalsecurity.com

PurpleFox malware infected thousands of systems in Ukraine - The Computer Emergency Response Team in Ukraine is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country. The exact impact of this widespread infection and whether it has affected state organizations or ...
1 year ago Bleepingcomputer.com

No Robots(.txt): How to Ask ChatGPT and Google Bard to Not Use Your Website for Training - Both OpenAI and Google have released guidance for website owners who do not want the two companies using the content of their sites to train the company's large language models. We've long been supporters of the right to scrape websites-the process ...
1 year ago Eff.org

Rhadamanthys information stealer introduces AI-driven capabilities - The malware allows operators to harvest a broad range of information, including system information, credentials, cryptocurrency wallets, browser passwords, cookies, and data stored in various applications. “This allows Rhadamanthys to extract ...
4 months ago Securityaffairs.com

What is SEO Poisoning Attack? - Search engine optimization (SEO) poisoning is a type of cyber attack that infiltrates search results. It consists of malicious search engine results created by an attacker attempting to redirect someone to malicious or vulnerable webpages. It is a ...
2 years ago Heimdalsecurity.com

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

It's not cricket! Sri Lanka and Bangladesh co-host phishing attack - Sri Lanka and Bangladesh have a successful history of co-hosting the Cricket World Cup, but today the two countries' governments have found themselves on a sticky wicket by co-hosting a phishing attack that targets UK banking customers. Victims lured ...
1 year ago Netcraft.com

Latest Cyber News

Chase will soon block Zelle payments to sellers on social media - 7 hours ago
CVE-2021-30369 - 7 hours ago
CVE-2024-13837 - 8 hours ago
Microsoft to remove the Location History feature in Windows - 8 hours ago
X now blocks Signal contact links, flags them as malicious - 10 hours ago
CVE-2025-1392 - 11 hours ago
CVE-2024-13879 - 11 hours ago
Microsoft spots XCSSET macOS malware variant used for crypto theft - 11 hours ago
Ransomware Gangs Encrypt Systems After 17hrs From Initial Infection - 12 hours ago
Fintech giant Finastra notifies victims of October data breach - 12 hours ago
CVE-2025-1391 - 13 hours ago
CVE-2025-21103 - 13 hours ago
RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems - 14 hours ago
CISA Warns of Apple iOS Vulnerability Exploited in Wild - 15 hours ago
Xerox Printers Vulnerability Let Attackers Capture Auth Data From LDAP & SMB - 15 hours ago
Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely - 15 hours ago
CVE-2025-26773 - 15 hours ago
CVE-2025-26775 - 15 hours ago
CVE-2025-26778 - 15 hours ago
CVE-2025-23845 - 15 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-1360 - 1 day ago
CVE-2024-44044 - 1 day ago
CVE-2025-1364 - 1 day ago
CVE-2025-22284 - 1 day ago
CVE-2025-22286 - 1 day ago
CVE-2025-22289 - 1 day ago
CVE-2025-22290 - 1 day ago
CVE-2025-22291 - 1 day ago
CVE-2025-22676 - 1 day ago
CVE-2025-22680 - 1 day ago
CVE-2025-22689 - 1 day ago
CVE-2025-23975 - 1 day ago
CVE-2025-26755 - 1 day ago
CVE-2025-26759 - 1 day ago
CVE-2025-26761 - 1 day ago
CVE-2025-26765 - 1 day ago
CVE-2025-26766 - 1 day ago
CVE-2025-26767 - 1 day ago
CVE-2025-26768 - 1 day ago
CVE-2025-26779 - 1 day ago