Magecart Hackers Open Fire at Smith & Wesson Customers

Dec 3, 2019 12:00 pm Cyber Security 146

Magecart Hackers Open Fire at Smith & Wesson Customers

Digital skimming hackers have been in action again, this time targeting the website of a leading US gun-maker and its customers.





Springfield, Massachusetts-based Smith & Wesson was attacked on Black Friday, during one of the busiest shopping weekends of the year, according to Sanguine Security.





The security vendor’s forensics man, Willem de Groot, warned on Twitter that although the skimming code was injected into the site last Wednesday, November 27, it was still active as of Monday, December 2.





To add another layer of intrigue, the hackers have been using the Sanguine Security name as cover to legitimize their campaign.





“Skimming code & infrastructure is identical to the campaign that impersonates Sanguine Security,” said de Groot. “Hacker registered skimming domains in my name and disguises as Sanguine protection.”





Those domains were registered at sansec[.]us, sanguinelab[.]net, in a bid to ape the vendor’s legitimate sanse[.]io name.





It’s likely the attackers chose Sanguine Security deliberately, as much of its work for customers is to protect them from Magecart-style attacks.





For companies that are not prepared for such attacks, there could be severe financial repercussions. De Groot explained that the attack on Macy’s wiped $500m off its share price.





“Alas, for Smith & Wesson, the put options don't seem to be in high demand right now,” he said. “Carding has a better yield than stock manipulation?”





The gun-maker’s travails are just the latest in a long line o ..

Support the originator by clicking the read the rest link below.

magecart hackers smith wesson customers
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!