Security firm Sucuri says one of its clients reported receiving warnings from its antivirus program when navigating to its checkout page. Researchers then found that threat actors were loading the JavaScript from at least 60 blocked domains that had been blacklisted for distributing carding malware. The threat actors further obfuscated the malicious script by making it appear as if JavaScript tied to a website animation component. In September 2020, researchers warned that about 2,000 sites that use the 12-year-old Magento 1 e-commerce platform had been targeted by JavaScript skimmers.”]
Source: https://www.cuinfosecurity.com/card-stealer-malware-uses-new-evasion-technique-a-17178