Magecart targeted 277 different e-commerce websites in less than a week in January. Magecart Group 5 and Group 12 attack third-party services by injecting skimming code to JavaScript libraries they provide. The malware then harvests payment card information from online check-out pages. The sites are a mixed bag, providing everything from ticketing, touring and flight booking services to self-hosted shopping cart websites from prominent cosmetic, healthcare and apparel brands. Trend Micro researchers believe this particular campaign was carried out by the same crew behind Ticketmaster breach.
Source: https://threatpost.com/magecart-returns-with-advertising-library-tactic/140902/