Newly discovered web skimming malware is capable of hiding in plain sight to inject payment card skimmer scripts into compromised online stores. The malware’s creators use malicious payloads concealed as social media buttons that mimic high profile platforms such as Facebook, Twitter, and Instagram. The new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital skimming (also known as Magecart) attacks. Similar malware using this innovative loading technique was first spotted in the wild back in June 2020.
Source: https://www.bleepingcomputer.com/news/security/credit-card-stealing-malware-hides-in-social-media-sharing-icons/