Some malicious programs force the legal user to authorize money transfers from their account to that of the cybercriminals. These programs are known as ZeuS, a popular Trojan. Trojan intercepts all of the data passing through the web browser and redirects it to a malicious version of the banks website. The Trojan modifies the code in the downloaded page, as instructed, so the user does not see the original reminder about the card reader. In addition to this, links are added to the code which supposedly point to a script hosted on the bank’s legitimate website. When the browser follows this link, it is intercepted by another function contained within the Trojan.”]
Source: https://securelist.com/malicious-javascript-vs-card-reader/29584/