Fake Analytics Scripts are used to load credit card details from checkout forms. These scripts are injected into the Magento database and can be found in the HTML source of web pages on compromised Magento sites. At the time of writing, PublicWWW finds 40 sites containing these fake Angular scripts. Each site has its own version of the script, with different decryption keys and encoded URLs. The malicious scripts are hidden deep inside subdirectories that include Google Analytics/magento/conversion/conversions.”]