Security consultant Willem de Groot says 50 to 60 e-commerce sites a day have been infected with malicious JavaScript. The malicious code is designed to work with legitimate Magento software. It’s designed to harvest customers’ payment card details as they finalize their orders. The code also changes the password for registered Magento users to “how1are2you3″ The average recovery time is a few weeks, but at least 1,450 stores have hosted the magentocore[dot]net parasite.”]
Source: https://www.cuinfosecurity.com/card-skimming-malware-campaign-hits-dozens-sites-daily-a-11451