Threat actors exploited a vulnerability in the no-longer maintained Magento 1 software branch. Thousands of e-commerce shops were compromised and many of them were injected with credit card skimming code. The same threat actors were already busy on Costways compomise at least in late December 2020 as late December recorded in this month. When that happens, an alternate version of their skimmer injects its own fields that mimic a legitimate payments platform. This is not unusual, multiple infections on the same site are common, but this case was different.”]

