Magecart Group 5 has been spotted testing and preparing code to be injected onto commercial routers potentially opening up guests connecting to Wi-Fi networks to payment data theft. A faction of the Magecart threat group is testing code that targets routers used to provide free or paid Wi-fi services in public spaces and hotels. Attackers can steal guest payment data when they browse on e-commerce sites through a compromised router. The code would then be loaded into commercial-grade routers that support layer 7 (L7) protocol.
Source: https://threatpost.com/magecart-group-targets-routers-behind-public-wi-fi-networks/148662/