Magecart: Magecart has been found to be behind a massive campaign which has compromised at least 17,000 domains since April stated RiskIQ.  The group accomplished this by scanning for misconfigured Amazon S3 servers.  The group then uploaded malicious code to the misconfigured servers within JavaScript files utilized by live websites.  As with most Magecart campaigns, the code was designed to log payment card details from visitors to the affected websites.  A number of the victims include companies which provide services to other online services including Picreel, Alpaca Forms, AppLixir, RYVIU, OmniKick, eGain, and AdMaxim.  Because each of those companies provides services to thousands of other companies when the JavaScript files on their servers where compromised it spread and affected their customers as well.