Financial cybergang known as FIN6 known for going after brick-and-mortar point-of-sale data in the U.S. and Europe. FIN6 has been spotted injecting malicious card-skimming code into online checkout pages of compromised websites. The group is using the More_eggs JScript backdoor to anchor its attack. To gain access to victim environments, FIN6 handpicked employees using LinkedIn messaging and email, advertising fake jobs. The code steals payment-card data as it s entered into shopping-cart forms.
Source: https://threatpost.com/fin6-target-ecommerce/147847/