Jump to content
hughd

Smith & Wesson Cyberattack

Recommended Posts

Damn Russians, at it again ...

Or is it the Ukrainians now, I forget ...

  • Like 1

Share this post


Link to post
Share on other sites
5 minutes ago, No_0ne said:

Damn Russians, at it again ...

Or is it the Ukrainians now, I forget ...

Or Berkeley liberals?

Regardless, I am sick and damn tired of CC security breaches.  “Checking your statements and credit report” is poor recompense for having to deal with such a violation of one’s business.

  • Like 1

Share this post


Link to post
Share on other sites
4 minutes ago, Garufa said:

Or Berkeley liberals?

Regardless, I am sick and damn tired of CC security breaches.  “Checking your statements and credit report” is poor recompense for having to deal with such a violation of one’s business.

I'm resigned to the fact that it's just a facet of living in the connected world.  As with other areas (think DVD piracy, "jailbreaking" cable and dish receivers as past examples), whatever security measures are implemented will always eventually be compromised by those with the skills, time and equipment to do so ...

Share this post


Link to post
Share on other sites

In all honesty, I bet the web store side is outsourced, or at least ran on 3rd party servers. Usually when it starts the IT guys get to give it a green light and keep up with it. At some point someone puts reduced cost above security and changes are made that put things at risk.  Cheaper hosting companies, cheaper 3rd party vendor software, and etc. end up meaning less security. How else can they do it cheaper without cutting things out?

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, Ronald_55 said:

In all honesty, I bet the web store side is outsourced, or at least ran on 3rd party servers.

Probably had it hosted on Hillary's server.   I don't think she's using it anymore.    

  • Like 1

Share this post


Link to post
Share on other sites
2 hours ago, Ronald_55 said:

In all honesty, I bet the web store side is outsourced, or at least ran on 3rd party servers.

I have not seen any indication the web store was run by a third party, but this article indicates it was probably an unpatched, open source, e-commerce platform that gave the hacker(s) an entry point.

https://www.securityweek.com/website-gunmaker-smith-wesson-hacked-magecart-attack

Share this post


Link to post
Share on other sites
10 hours ago, Ski said:

I have not seen any indication the web store was run by a third party, but this article indicates it was probably an unpatched, open source, e-commerce platform that gave the hacker(s) an entry point.

https://www.securityweek.com/website-gunmaker-smith-wesson-hacked-magecart-attack

"I just can't believe my car was stolen officer!"

"Me neither sir. So I make sure I get it right in the report, it was parked on a dark corner in THIS neighborhood, with the windows down and the engine running?"

"Well sure. Why not?"

Share this post


Link to post
Share on other sites
14 hours ago, Garufa said:

Regardless, I am sick and damn tired of CC security breaches.  “Checking your statements and credit report” is poor recompense for having to deal with such a violation of one’s business.

Agreed. Every since I got bent over by Equifax a few years ago I've had a credit freeze in place for both my wife and myself.  It's a pain. 

Share this post


Link to post
Share on other sites
15 hours ago, Garufa said:

Or Berkeley liberals?

Probably. Because even the Russians would know that no one buys anything at the Smith & Wesson Online store. All that stuff is offered at a lower price on S&W vendors websites.

Call me paranoid, but that’s why I won’t text pictures, or give out a phone number on gun deals until we are near a deal. Too many people are going after anyone that has anything to do with guns. They are trying to put names with phone numbers and email addresses. When someone wants me to text pictures of “the item” to them; somethings up.

Share this post


Link to post
Share on other sites

If your bank account was the same numbers as your Social Security number, how rich would you be? 

Believe it or not, I saw where somebody posted this on one of those social media sites and people actually answered.  :wall:

"Only two things are infinite. The universe and human stupidity. And I have my doubts about the former." Albert Einstein  ;)

Edited by Grayfox54

Share this post


Link to post
Share on other sites
On 12/5/2019 at 9:40 PM, Trekbike said:

Probably had it hosted on Hillary's server.   I don't think she's using it anymore.    

This article says how it was done

https://www.pcmag.com/news/372335/smith-wessons-website-hacked-to-steal-credit-card-details

 

If you recently bought something from Smith & Wesson on Black Friday, watch out. The gun manufacturer's website has been spotted hosting computer code that can steal your credit card details and forward it to hackers. The code was injected into the Smith & Wesson's website on Nov. 27 and remained there until Tuesday morning, according to fraud detection company Sanguine Security, which first noticed the "payment card skimming" attack. The data collection works via a Javascript program that'll run when a US-based browser loads the Smith & Wesson website. The program remains relatively dormant until the user goes to the checkout process, at which point the malicious Javascript will fully activate to create a fake payment form. Any payment card details entered will then be collected and sent off to a hacker-controlled website.

Share this post


Link to post
Share on other sites
On 12/5/2019 at 7:45 PM, No_0ne said:

I'm resigned to the fact that it's just a facet of living in the connected world.  As with other areas (think DVD piracy, "jailbreaking" cable and dish receivers as past examples), whatever security measures are implemented will always eventually be compromised by those with the skills, time and equipment to do so ...

There's an axiom that reads something like ... "code making  technology will always lag behind code breaking technology".

  • Like 2

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


The Fine Print

Tennessee Gun Owners (TNGunOwners.com) is the premier Community and Discussion Forum for gun owners, firearm enthusiasts, sportsmen and Second Amendment proponents in the state of Tennessee and surrounding region.

TNGunOwners.com (TGO) is a presentation of Enthusiast Productions. The TGO state flag logo and the TGO tri-hole "icon" logo are trademarks of Tennessee Gun Owners. The TGO logos and all content presented on this site may not be reproduced in any form without express written permission. The opinions expressed on TGO are those of their authors and do not necessarily reflect those of the site's owners or staff.

Before engaging in any transaction of goods or services on TGO, all parties involved must know and follow the local, state and Federal laws regarding those transactions. TGO makes no claims, guarantees or assurances regarding any such transactions.

×
×
  • Create New...

Important Information

By using this site, you agree to the following.
Terms of Use | Privacy Policy | Guidelines