MageCart group stole payment card information from hundreds of hacked online stores. The group has been operating since at least 2017 and is responsible for 1% of MageCart incidents, at a minimum. Group-IB has been tracking the GetBilling script since 2018 and included it in a report on JS-sniffers in April last year. The number of victims is likely much higher, which is confirmed by a company providing payment fraud protection of online stores, which identified it on 571 web stores.
Source: https://www.bleepingcomputer.com/news/security/first-magecart-hackers-caught-infected-hundreds-of-web-stores/