Gangs using malicious JavaScript code to steal payment info target multiple online shopping platforms used by thousands of small stores. Magecart Group 12 used stealth tactics to keep its activity under the radar and pilfer as much payment info as possible. Attackers typically make their way in by exploiting known vulnerabilities in these platforms, whose outdated versions often run on smaller stores. The actor used a domain name that impersonated the script for Microsoft’s Bing.com search engine: “https://bat[.]bing[.]com/bat.js”””
Source: https://www.bleepingcomputer.com/news/security/magecart-group-12-targets-opencart-websites/