
Just a sample of the Echomail archive

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

   INTERNET      The global pornography network      2,155 messages   


   Message 2,055 of 2,155   
   August Abolins to Nick Andre   
   LCBO breach   
   16 Jan 23 14:57:00   
   
   MSGID: 2:221/1.58@fidonet 047fe4de   
   REPLY: 1:229/426 251975F0   
   PID: OpenXP/5.0.51 (Win32)   
   CHRS: ASCII 1   
   TZUTC: -0500   
   Hello Nick!   
      
    NA> I have a customer with a Wordpress site that had similar problems. Oh   
    NA> what a freaking nightmare that was... in the end I had to completely   
    NA> disable all plugins and widgets until the culprit was found.   
      
   My approach with WP is to turn off outside access first. Just     
   park a landing page with an "offline/maintenance" comment or     
   something.   
      
   Then, it is pretty straightforward to walk through the     
   directory tree to look for rogue .php files.   
      
   Although php injections are common, they can't avoid several     
   things from being spotted.   
      
      
    NA> Not saying the LCBO site was built on it but I find as time goes on,   
    NA> websites tend to be designed around a framework of some kind rather than   
    NA> HTML from scratch...  and very little attention is given to security of   
    NA> that framework.   
      
   I had one particular site that was purely HTML, but it *still*     
   had rogue  and php content inserted and that     
   actually was triggered and active.  The hosting service said     
   that it can still happen over shared domain space; when one     
   client is infected the hack can traverse to other domains on     
   the same server.  It hasn't happened a 2nd time since I brought     
   it to their attention.   
      
   lcbo.com doesn't bear the code markings of a WP site. But I     
   notice that places like Indigo and CanadianTire have     
   surrendered to Shopify; that probably fits into the kind of     
   framework you're talking about.  Hack one Shopify site, hack     
   them all.   
   --   
     ../|ug   
      
   --- OpenXP 5.0.51   
    * Origin: A turtle that surfs the dark web. [o] A TORtoise (2:221/1.58)   
   PATH: 221/1 320/219 229/426   
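
The directory walk described in the message above, sketched as an added example (not part of the original post and not written by either poster). It flags .php files under an uploads directory, PHP tags inside static files, obfuscated eval calls, and recently changed .php files; these heuristics, the names `scan_tree` and `demo`, and the sample files are assumptions made for illustration.

```python
import os
import re
import tempfile
import time
from pathlib import Path

# Heuristics below are assumptions picked for this example, not a complete list.
OBFUSCATED = re.compile(rb"(eval|assert)\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(", re.I)
STATIC_EXT = {".html", ".htm", ".js", ".css", ".txt"}

def scan_tree(root, recent_days=7):
    """Return {relative_path: [reasons]} for files that deserve a manual look."""
    findings, now = {}, time.time()
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        rel, ext = path.relative_to(root).as_posix(), path.suffix.lower()
        try:
            with path.open("rb") as fh:
                data = fh.read(2_000_000)  # cap the read for large files
            age = now - path.stat().st_mtime
        except OSError:
            continue  # unreadable file: skip it rather than abort the walk
        reasons = []
        if ext == ".php" and "/uploads/" in "/" + rel:
            reasons.append("php-in-uploads")  # media directory should hold no code
        if ext in STATIC_EXT and b"<?php" in data.lower():
            reasons.append("php-in-static-file")
        if OBFUSCATED.search(data):
            reasons.append("obfuscated-eval")
        if ext == ".php" and age < recent_days * 86400:
            reasons.append("recently-modified")
        if reasons:
            findings[rel] = reasons
    return findings

def demo():
    sample = {  # constructed files, not taken from any real site
        "index.php": b"<?php require 'wp-blog-header.php';",
        "contact.html": b"<html><?php include 'x.php'; ?></html>",
        "wp-content/uploads/2023/01/logo.php": b"<?php echo 1;",
        "wp-includes/cache.php": b'<?php eval(base64_decode("ZWNobyAxOw=="));',
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in sample.items():
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(body)
            if rel != "wp-includes/cache.php":
                os.utime(path, (1e9, 1e9))  # 2001 mtime: everything else looks old
        return scan_tree(root)
```

Run `scan_tree` against a copy of the site taken while it is offline; a hit is a reason to read the file, not proof of compromise.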
      



(c) 1994,  bbs@darkrealms.ca