The website of a gun manufacturing company, Smith & Wesson, was recently hacked when attackers injected it with a data retrieving code that was after credit card info.
Stealing Credit Card Information
The purpose of the code is to steal user credit card information and forward it to attackers. Security experts believe that the code only appeared around November 27th. After that, the code remained active until yesterday, December 3rd.
Interestingly enough, the code doesn’t do much else, and it is mostly dormant until the user completes their browsing and moves on to make a purchase. In other words, the code only activates at the checkout, when it records the payment card data and sends it to the hacker.
Experts Found a Number of Similar Attacks
This is far from being the first attack of this kind. A similar incident happened only a month ago, at Macy’s. Once again, the attacker infected the company’s website with a code that focused on the checkout page.
Meanwhile, Sanguine Security’s Willem de Groot confirmed that the same hackers that targeted Smith & Wesson also attempted to infect dozens of other sites. He also noted that attackers are using numerous tactics and vulnerabilities to access secured websites, such as the flaw in Magento e-commerce software.
Another interesting detail is that hackers that hit Smith & Wesson used Sanguine Security’s name to pull off their attacks. The company’s name was used on two domains that were hosting the code — sanguinelab.net and sansec.us. Not only that, but hackers even used de Groot’s name to register the second of the two domains.
What are your thoughts regarding the incident? Have you used Smith & Wesson’s website around Black Friday? Let us know what you think of the attacks in the comments section below.
Images are courtesy of Shutterstock, Twitter, Pixabay.