Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating the malware code within comment blocks and encoding stolen credit card data into images and other files hosted on the server. Magecart is the umbrella term given to multiple groups of cybercriminals targeting e-commerce websites with the goal of plundering credit card numbers by injecting malicious JavaScript skimmers and selling them on the black market. The attackers are said to have used a technique called concatenation wherein the code was combined with additional comment chunks that “does not functionally do anything”
Source: https://thehackernews.com/2021/07/magecart-hackers-hide-stolen-credit.html