A recently discovered multi-platform credit card skimmer can harvest payment info on compromised stores powered by Shopify, BigCommerce, Zencart, and Woocommerce. The new skimmer (also known as a Magecart script) can also abuse hosted e-commerce systems such as Shopify and BigCommerce. It does that by displaying a fake payment page before the customers land on the real checkout form and using a keylogger to intercept payment and personal information. The skimmer will also throw an error after the customers hit the “Proceed”” button to submit their credit card information to evade detection and not raise any alarm flags.”
Source: https://www.bleepingcomputer.com/news/security/multi-platform-card-skimmer-found-on-shopify-bigcommerce-stores/