One of the web skimming groups that operate under the Magecart umbrella has been testing the injection of payment card stealing code into websites through commercial routers like those used in hotels and airports. The group has also targeted an open-source JavaScript library called Swiper that is used by mobile websites and apps.
Security researchers from IBM’s X-Force Incident Response and Intelligence Services team have found what appear to be test skimming scripts developed earlier this year by one of the most prolific of the dozen or so groups tracked by the security industry as Magecart.
