Cyber Attack on Smith and Wesson Online store

American Firearms Manufacturer Smith & Wesson was targeted by a cyberattack last week and reports are in that attack was aimed to steal payment card details and sensitive credentials from the Massachusetts based company.

Highly placed sources say that the cyber attack started on Black Friday when hackers succeeded in planting a malicious code into the Smith & Wesson’s online store. Sources say that the injected software was a JavaScript which was meant to steal sensitive info from the store and send the details to a remote server in control of hackers.

It was a “Magecart Skimmer Campaign” and was discovered by Sanguine Security which keeps a tab on malicious activities and offers solutions according to the cyber threat.

Generally, such campaigns happen when hackers try to infiltrate a network through various means or try to enter a corporate network through third-party vendors.

Smith and Wesson have disclosed that the campaign effects were neutralized on Dec 3rd, 2019 as the IT department of the ammunition store removed the malicious skimmer from the Smith and Wesson online store.

Skimming software’s often keeping a tab of keystrokes and record personal information which is used in the future for later cyber attack campaigns.

So, users or consumers of Smith and Wesson are requested to keep a check on their credit card statements if they happen to have shopped on the website recently. Also, better to inform the credit card company if you happen to be a victim of Magecart’s Skimming Campaign by impersonating the Sanguine Security Anti Skimming Service.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display