Our DNSMon flagged an abnormal domain make magento-analytics[.]com, through continuous tracking, and correlation with various data, we found out that the domain make has been used to inject malicious JS book to various online shopping sites to steal the citation card possessor / card number / expiration time / CVV information.