Latest attack targets about 200 online campus stores in the U.S. and Canada. A malicious skimming script was injected into payment checkout pages, with credit card and personal information skimmed off and sent to a remote server. JS sniffers that target a wide array of e-commerce websites and content systems management platforms are a growing concern because they’re so difficult to detect and, even if the code is removed, the attackers can return. The latest incident targeting campus online stores apparently involved a previously unknown group, which Trend Micro calls Mirrorthief.”]
Source: https://www.govinfosecurity.com/javascript-sniffer-attacks-more-online-stores-targeted-a-12453