From bleepingcomputer.com
With over two million detections to date, compromising shopping sites’ resources to steal customer payment card info is a global phenomenon unlikely to end soon.
These attacks are collectively known as Magecart and there are multiple groups currently in the business, some more advanced than others.
They target online payment forms and steal card data at checkout, a cybercriminal activity known as web skimming. This is done by loading at checkout JavaScript code designed to copy payment data and to send it to the attackers’ server.