The website of a gun manufacturing company, Smith & Wesson, was recently hacked when attackers injected it with a data retrieving code that was after credit card info.
According to recent data, anyone who recently purchased anything from the Smith & Wesson website — particularly around Black Friday — might be a victim of hackers. Security researchers recently discovered that the company’s site got infected by a malicious javascript code.
Stealing Credit Card Information
The purpose of the code is to steal user credit card information and forward it to attackers. Security experts believe that the code only appeared around November 27th. After that, the code remained active until yesterday, December 3rd.The code was noticed by a fraud detection firm known as Sanguine Security, which noticed the ‘payment card skimming’ attack. The company reported that attackers used a Javascript program that runs whenever a US-based browser accesses the Smith & Wesson site. Interestingly enough, the code doesn’t do much else, and it is mostly dormant until the user completes their browsing and moves on to make a purchase. In other words, the code only activates at the checkout, when it records the payment card data and sends it to the hacker.Stock listed gun maker @Smith_WessonInc got popped during Black Friday. Payment skimmer injected on Nov 27, still active (co-research by @AffableKraut) pic.twitter.com/eh8sokUi73
— gwillem (@gwillem) December 2, 2019
Experts Found a Number of Similar Attacks
This is far from being the first attack of this kind. A similar incident happened only a month ago, at Macy’s. Once again, the attacker infected the company’s website with a code that focused on the checkout page. Meanwhile, Sanguine Security’s Willem de Groot confirmed that the same hackers that targeted Smith & Wesson also attempted to infect dozens of other sites. He also noted that attackers are using numerous tactics and vulnerabilities to access secured websites, such as the flaw in Magento e-commerce software.
Another interesting detail is that hackers that hit Smith & Wesson used Sanguine Security’s name to pull off their attacks. The company’s name was used on two domains that were hosting the code — sanguinelab.net and sansec.us. Not only that, but hackers even used de Groot’s name to register the second of the two domains.
What are your thoughts regarding the incident? Have you used Smith & Wesson’s website around Black Friday? Let us know what you think of the attacks in the comments section below.
Images are courtesy of Shutterstock, Twitter, Pixabay.
Disclaimer
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Sponsored
Sponsored