Magecart group has hacked the websites of two hotel chains to inject scripts targeting Android and iOS users. One of these brands has 107 hotels in 14 countries, while the other has 73 hotels. The code injected in the websites first checks if an HTML element containing the ID customerBookingForm is present on the webpage to verify that it is running on the hotels booking page. The skimmer script used in these attacks collects customers data, including names, email addresses, telephone numbers, hotel room preferences, and of course, credit card details.”]
Source: https://securityaffairs.co/wordpress/91503/malware/magecart-hotel-chain-websites.html

