Magecart, the digital card-skimming collective, is so ubiquitous that its infrastructure is flooding the internet. There are now 573 known C2 domains for the group, with close to 10,000 hosts actively loading those domains. Magecart injects malicious JavaScript that steals the data shoppers enter into online payment forms. In all, RiskIQ has detected almost 2 million (2,086,529) instances of Magecart s javaScript binaries, with over 18,000 sites directly breached.
Source: https://threatpost.com/magecart-infestations-saturate-web/148911/