CyberSecurityBoard
Sponsor Register Login

Website of Canadian Liquor Distributor LCBO Infected with Web Skimmer

The website of Canadian liquor distributor LCBO (Liquor Control Board of Ontario) was recently discovered to be infected with a web skimmer. This malicious code was designed to steal customers’ personal and payment card data during the checkout process. The security researchers at Sucuri, a cloud-based website security solutions provider, found that the attack was being operated by a group of threat actors identified as “LovGate.” When Sucuri analyzed the malicious code they were able to determine how the attackers were exfiltrating the stolen data. The code also included URLs pointing to other domains, which were used to obfuscate the malicious activities. The attack was primarily affecting customers located in the Northeastern province of Ontario. The malicious skimmer code is designed to prevent customers from benefiting from the normal checkout process, such as being able to cancel orders or return products. It does this by injecting malicious code directly into the website, which will then be executed when the customer completes their purchase. Once the code has been executed it will then extract personal information, such as billing and shipping addresses, as well as payment card details. It is not clear how long the malicious code had been active on the site before it was discovered. Sucuri has urged all customers who have visited the site between the time of the attack and the time it was discovered to check and make sure that their payment card details have not been stolen. They also recommend changing their passwords to prevent any further data from being stolen, as well as keeping a close watch over their online statements and credit reports to ensure that they are not impacted by any further fraudulent activities. SecurityWeek has reached out to LCBO for further comment but has yet to receive a response. It is not known at this time if the LCBO website has been completely cleaned of the malicious code or if the attackers have been able to steal any personal data.

This Cyber News was published on www.securityweek.com. Publication date: Sun, 22 Jan 2023 10:48:00 +0000


Cyber News related to Website of Canadian Liquor Distributor LCBO Infected with Web Skimmer

Website of Canadian Liquor Distributor LCBO Infected with Web Skimmer - The website of Canadian liquor distributor LCBO (Liquor Control Board of Ontario) was recently discovered to be infected with a web skimmer. This malicious code was designed to steal customers’ personal and payment card data during the checkout ...
2 years ago Securityweek.com
Ransomware Revealed: From Attack Mechanics to Defense Strategies - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com
OffSec Yearly Recap 2023 - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com
Unveiling the OWASP Top 10:2021 Learning Path - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com
The Essential Guide to Incident Response and Cyber Resilience - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com
Secure coding training for robust software 2024 - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
1 year ago Offsec.com
Cybersecurity training aligned with the MITRE ATT&CK framework - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
11 months ago Offsec.com
Cloud security training: Build secure cloud systems - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Preference cookies enable a website to remember information that changes the way the website behaves or looks, ...
11 months ago Offsec.com
Proactive Threat Detection: Introducing Threat Hunting Essentials - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Session HTTP cfuvid [x5] discord.comHubspotVimeozoominfo.com This cookie is a part of the services provided by ...
10 months ago Offsec.com
Infrastructure Hardening and Proactive Defense: The System Administrator's Toolkit - Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Session HTTP cfuvid [x5] discord.comHubspotVimeozoominfo.com This cookie is a part of the services provided by ...
9 months ago Offsec.com
Canadian government discloses data breach after contractor hacks - The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees. These breaches occurred last month and impacted Brookfield Global Relocation Services and ...
1 year ago Bleepingcomputer.com LockBit
Monthly Threat Webinar Series in 2023: What to Expect - We firmly believe that the internet should be available and accessible to anyone and are committed to providing a website that is accessible to the broadest possible audience, regardless of ability. These guidelines explain how to make web content ...
2 years ago Trendmicro.com
BadBox malware disrupted on 500K infected Android devices - The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. HUMAN says it also discovered 24 Android apps in the official app store, ...
6 days ago Bleepingcomputer.com
Police Warn Hundreds of Online Merchants of Skimmer Infections - More than 400 online merchants were notified of digital skimmer infections in a coordinated international operation, Europol announced. Law enforcement agencies in 17 countries participated in this effort to identify infected ecommerce sites and ...
1 year ago Securityweek.com
Police Warn Hundreds of Online Merchants of Skimmer Infections - More than 400 online merchants were notified of digital skimmer infections in a coordinated international operation, Europol announced. Law enforcement agencies in 17 countries participated in this effort to identify infected ecommerce sites and ...
1 year ago Packetstormsecurity.com
Canada to ban the Flipper Zero to stop surge in car thefts - The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. The Flipper Zero is a portable and programmable pen-testing tool that helps experiment with and debug various ...
1 year ago Bleepingcomputer.com
Canada to ban the Flipper Zero to stop surge in car thefts - The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. The Flipper Zero is a portable and programmable pen-testing tool that helps experiment with and debug various ...
1 year ago Bleepingcomputer.com
LockBit administrator sentenced to almost four years in prison after guilty plea - An administrator for the LockBit ransomware gang has been sentenced to four years in prison after pleading guilty to eight charges in a Canadian court last month. Mikhail Vasiliev, a 34-year-old Canadian-Russian dual national, has been in legal peril ...
11 months ago Therecord.media LockBit
Latvia Reports Russian Hackers Attempted to Phish Its Ministry of Defence - Latvia has reported that Russian hackers attempted to phish its Ministry of Defence. To track user interaction with the website, 1 year HTTP SRM B Microsoft is used. JazzHR registers how the user has reached the website to enable pay-out of referral ...
2 years ago Bitdefender.com
No Robots(.txt): How to Ask ChatGPT and Google Bard to Not Use Your Website for Training - Both OpenAI and Google have released guidance for website owners who do not want the two companies using the content of their sites to train the company's large language models. We've long been supporters of the right to scrape websites-the process ...
1 year ago Eff.org
New HeadCrab Malware Hijacks 1,200 Redis Servers - Since September 2021, over a thousand vulnerable Redis servers online have been infected by a stealthy malware dubbed "HeadCrab", designed to build a botnet that mines Monero cryptocurrency. At least 1,200 servers have been infected by the HeadCrab ...
2 years ago Heimdalsecurity.com
PurpleFox malware infected thousands of systems in Ukraine - The Computer Emergency Response Team in Ukraine is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country. The exact impact of this widespread infection and whether it has affected state organizations or ...
1 year ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Rhadamanthys information stealer introduces AI-driven capabilities - The malware allows operators to harvest a broad range of information, including system information, credentials, cryptocurrency wallets, browser passwords, cookies, and data stored in various applications. “This allows Rhadamanthys to extract ...
5 months ago Securityaffairs.com CVE-2024-45519
What is SEO Poisoning Attack? - Search engine optimization (SEO) poisoning is a type of cyber attack that infiltrates search results. It consists of malicious search engine results created by an attacker attempting to redirect someone to malicious or vulnerable webpages. It is a ...
2 years ago Heimdalsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)