Google Analytics and Angular in Magento Credit Card Stealing Scripts
Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspicious and evade detection by website owners.
The malicious code is obfuscated and injected into legitimate JS files, such as skin/frontend/default/theme122k/js/jquery.jscrollpane.min.js, js/meigee/jquery.min.js, and js/varien/js.js.
The obfuscated code loads another script from www.google-analytics[.]cm/analytics.js.
Read more: Google Analytics and Angular in Magento Credit Card Stealing Scripts
Story added 26. February 2019, content source with full text you can find at link above.