The American firearms manufacturer Smith & Wesson fell victim to a hacking attack at the end of last month. Specifically, it was a Magecart attack, in which the attackers planted a malicious software skimmer on the company's website. The hackers aimed to steal customers' financial information (payment card data).
The Magecart attack was discovered by security researcher Willem de Groot of Sanguine Security. The researcher found that the attackers introduced the skimmer on the Smith & Wesson site on November 27.
The breached Smith & Wesson online store loads malicious code from a domain created by the hackers. The malicious code is designed to steal the personal and financial information that users enter when making online purchases.
The Magecart attack is ongoing, as the skimmer is still active in the online store:
live.sequracdn[.]net/storage/modrrnize.js
The script changes according to the section of the site that users visit.
“This script is not easy to locate as it will load either a non-malicious or a malicious script depending on the visitor and the section of the site being visited,” BleepingComputer said.
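Because the skimmer only appears on some sections, an audit has to look at every section and compare each script host against the hosts the store is known to use. The following is an added example, not code from the article or from the researcher; the allowlist, the `store.example` hosts and the sample HTML are constructed assumptions, and only the defanged indicator comes from the article.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts the store intentionally loads scripts from (constructed).
ALLOWED_HOSTS = {"www.store.example", "cdn.store.example"}
# Indicator from the article, stored defanged.
IOC_DEFANGED = "live.sequracdn[.]net"

def refang(indicator):
    """Turn a defanged host such as 'a[.]b' into 'a.b' for comparison only."""
    return indicator.replace("[.]", ".").replace(" ", "").lower()

class ScriptSrcCollector(HTMLParser):
    """Collects the host of every <script src=...> that names a host."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        # Relative paths have no hostname; //host/x and https://host/x do.
        host = urlparse(src).hostname if src else None
        if host:
            self.hosts.append(host.lower())

def off_allowlist_hosts(html):
    parser = ScriptSrcCollector()
    parser.feed(html)
    return [h for h in parser.hosts if h not in ALLOWED_HOSTS]

def audit(pages):
    """Map each section to (host, matches_known_indicator) findings."""
    ioc = refang(IOC_DEFANGED)
    return {section: [(h, h == ioc) for h in off_allowlist_hosts(html)]
            for section, html in pages.items()}

# Constructed sample pages: the extra script is present on checkout only.
SAMPLE_PAGES = {
    "home": '<script src="/js/app.js"></script>'
            '<script src="https://cdn.store.example/lib.js"></script>',
    "checkout": '<script src="/js/app.js"></script>'
                '<script src="//' + refang(IOC_DEFANGED) + '/storage/modrrnize.js"></script>',
}

if __name__ == "__main__":
    for section, findings in audit(SAMPLE_PAGES).items():
        print(section, findings)
```

Since the article says the served script also depends on the visitor, a static scan like this complements, rather than replaces, a Content-Security-Policy `script-src` allowlist enforced in the browser.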
The Smith & Wesson online store runs Magento. According to the researcher, the attackers probably exploited a vulnerability in the system, which allowed them to introduce the malicious code and carry out the Magecart attack.
In November, a vulnerability allowing remote code execution was found in the Magento software. The vulnerability was named CVE-2019-8144. Hackers could exploit it to deliver malicious payloads to vulnerable systems.
Users who have recently made purchases at smith-wesson.com should contact their bank and check their credit cards for any suspicious activity.