Singapore-based cybersecurity firm Group-IB attributes the attack to a cybercrime group. The group targeted e-commerce websites with information stealers and JavaScript-based payment skimmers. The campaign progressed in four waves, starting in February and ending in September. The ultimate goal of the attack was to steal payment and user data via several attack vectors and tools to deliver the malware. The infrastructure used to distribute the Vidar and Raccoon stealers shared similarities with those used to store the JS-sniffer code and collect stolen bank card data.
Source: https://thehackernews.com/2020/12/payment-card-skimmer-group-using.html