E-commerce and financial sites stand first in the rundown of potential victims as they manage financial exchanges. Security researchers at Sucuri have found a malicious code inside the Magento e-commerce website that was intended to send all the data submitted by a customer amid checkout procedure to a third-party site, here “soulmagic.biz.fozzyhost.com/add” The traditional way to target victims of victims of online stores is to use targeted social media and emails, but due to increased awareness among the people about the threat of phishing attacks, hackers have now discovered new way.
Source: https://thehackernews.com/2015/04/Magento-website-security.html