If you've gone to Smith & Wesson's website, and more importantly inputted any sensitive information such as payment methods or credit card info, be aware that a skimming code was injected into their website on 27 November and was still active as of 2 December!
Magecart Hackers Open Fire at Smith & Wesson Customers
With a skimming code, when someone goes to the checkout page they are shown a fake payment form. The details they submit are exfiltrated to a server controlled by attackers.
To an untrained eye would look at that information and conclude that the domain was legitimate, and the actor behind this skimmer went to great lengths to conceal its activity and frustrate security researchers, using multiple anti-reverse-engineering methods, a three-stage loader and four layers of JavaScript obfuscation.
If by chance you bought anything from S&W's website in the past few weeks, you need to contact the financial institution of the payment method you used. You also need to change any passwords that were used during the transaction.
Magecart Hackers Open Fire at Smith & Wesson Customers
With a skimming code, when someone goes to the checkout page they are shown a fake payment form. The details they submit are exfiltrated to a server controlled by attackers.
To an untrained eye would look at that information and conclude that the domain was legitimate, and the actor behind this skimmer went to great lengths to conceal its activity and frustrate security researchers, using multiple anti-reverse-engineering methods, a three-stage loader and four layers of JavaScript obfuscation.
If by chance you bought anything from S&W's website in the past few weeks, you need to contact the financial institution of the payment method you used. You also need to change any passwords that were used during the transaction.
