- Feb 4, 2016
- 2,520
American gun manufacturer Smith & Wesson's online store has been compromised by attackers who have injected a malicious script that attempts to steal customer's payment information.
This type of attack is called MageCart and is when hackers compromise a web site so that they can inject malicious JavaScript scripts into ecommerce or checkout pages. These scripts then steal payment information that is submitted by a customer by sending it to a remote site under the attacker's control.
According to Sanguine Security's Willem de Groot, a Magecart group has been registering domain names named after his company and utilizing his name as the domain contact.