Misconfigured Magento or OpenCart instances may have been targeted to facilitate the deployment of Mongolian Skimmer, which uses various event-handling methods to ensure extensive compatibility while hiding malicious activity with heavy Unicode character utilization.

Article Link: Mongolian Skimmer obfuscated via Unicode in new skimming campaign | SC Media