Quote:Malicious web code that Magecart groups use to steal payment card data from online stores is bustling business on underground forums. There are at least 38 unique families of such scripts, some more advanced than others, but each with multiple custom variants under their belt.
 
Coined by researchers at RiskIQ, the name Magecart refers to groups that scrape card data via malicious JavaScript code that loads on checkout pages. In late February, the company had discovered 12 Magecart groups operating independently.

The prolific activity of these groups prompted attention from other companies. Group-IB, a security outfit specialized in detecting and preventing cyber attacks, refers to the malicious code planted on victim websites as JS-Sniffers and splits them into two categories: universal and built for a specific content management (CMS) or payment system.