Magecart attacks have emerged as a key cybersecurity threat to e-commerce websites. Magecart is an umbrella term given to different cybercriminal groups that are specialized in secretly implanting online credit card skimmers on compromised websites. Most of the compromised sites are running outdated versions of Magento CMS that’s vulnerable to an unauthenticated upload and remote code execution vulnerabilities. The attackers also purchase stolen payment card data on the dark web forums and ship them to pre-selected merchandise mules in an attempt to launder the fraudulent transactions.
Source: https://thehackernews.com/2019/08/magecart-hacking-credit-card.html

