The Lazarus Group, state-sponsored hackers affiliated with North Korea, has added digital payment-card skimming to their repertoire, researchers said, using Magecart code. Among the victims is Claire s, the fashion accessory chain that was attacked in June. Magecart is an umbrella term encompassing several different threat groups who typically use the same card-skimming scripts on checkout pages. The infrastructure used in the attacks is the same that has been seen in previous Lazarus operations; and that distinctive patterns in the malware code were identified that linked multiple hacks to the same actor
Source: https://threatpost.com/lazarus-group-adds-magecart/157167/