Smith & Wesson Is Magecart's Latest Target

Published: 23/11/2024   Category: security




Researchers estimate the gun manufacturer's website was compromised sometime before Black Friday.



A Magecart group has compromised the website of American gun manufacturer Smith & Wesson by injecting malicious code designed to lift customers' payment data at checkout.
The incident was found by Sanguine Security's Willem de Groot, who was investigating payment skimmers impersonating Sanguine Security's anti-skimming service. He found attackers were registering malicious domains named after Sanguine and using his name as the registrant.
These fake skimmers have been used on several high-profile stores, including Smith & Wesson, de Groot explains in a blog post. Not all of the malware impersonates the Sanguine domain name; however, the major skimmers share identical code and infrastructure. Smith & Wesson was hit with a skimmer on Nov. 27, he says, and it was present when he published on Dec. 2.
The skimmer on this website is exceptionally sophisticated and contains multiple levels of obfuscation, each rendering a new anonymous function to complicate debugging, de Groot says. Most of the site's script is benign, though the Magecart code appears on the checkout page for visitors who use a US-based IP address and non-Linux browser and who aren't on AWS. In these cases, the file size changes from 11KB to 20KB upon visiting the checkout page.
When someone under these conditions goes to the checkout page, they are shown a fake payment form. The details they submit are exfiltrated to a server controlled by attackers.
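Because the altered script is served only to some visitors, a site monitor that fetches from a single cloud-hosted Linux client would see only the benign file. The following added example (not code from the article or from Sanguine Security) compares the same script as observed from several client profiles and reports any body that diverges from the common one; the URL, profile tuples, observation format and sample bodies are hypothetical and constructed for illustration.

```python
import hashlib
from collections import defaultdict

def fingerprint(body: bytes) -> tuple:
    """Size and SHA-256 of a script body as served to one client."""
    return len(body), hashlib.sha256(body).hexdigest()

def find_cloaked_scripts(observations):
    """Return findings for script URLs whose body differs between clients.

    observations: iterable of dicts with keys url, page, profile, body.
    A profile is a (geo, os, network) tuple describing the fetching client.
    """
    variants = defaultdict(lambda: defaultdict(set))
    for ob in observations:
        variants[ob["url"]][fingerprint(ob["body"])].add((ob["page"], ob["profile"]))
    findings = []
    for url, by_fp in variants.items():
        if len(by_fp) < 2:
            continue  # every vantage point saw the same bytes
        baseline = max(by_fp, key=lambda fp: len(by_fp[fp]))  # most common body
        for fp, seen_by in by_fp.items():
            if fp != baseline:
                findings.append({
                    "url": url,
                    "baseline_size": baseline[0],
                    "variant_size": fp[0],
                    "variant_sha256": fp[1],
                    "served_to": sorted(seen_by),
                })
    return findings

# Constructed sample data: placeholder bodies sized like the 11KB / 20KB files
# in the article; the URL and client profiles are hypothetical.
BENIGN = b"/* benign */" + b"a" * (11 * 1024 - 12)
ALTERED = b"/* altered */" + b"b" * (20 * 1024 - 13)
URL = "https://shop.example/js/site.js"
US_WIN = ("US", "Windows", "residential")
US_LINUX_AWS = ("US", "Linux", "aws")
NL_WIN = ("NL", "Windows", "residential")
SAMPLE = [
    {"url": URL, "page": "/", "profile": US_WIN, "body": BENIGN},
    {"url": URL, "page": "/checkout", "profile": US_LINUX_AWS, "body": BENIGN},
    {"url": URL, "page": "/checkout", "profile": NL_WIN, "body": BENIGN},
    {"url": URL, "page": "/checkout", "profile": US_WIN, "body": ALTERED},
]

if __name__ == "__main__":
    for finding in find_cloaked_scripts(SAMPLE):
        print(finding)
```

In the sample, only the US, Windows, residential client on the checkout page receives the larger body, so that is the one profile a monitoring setup would need in order to catch the change.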