Magento-Based Websites Hacked: Steal Credit Card Data and Install Mining Malware

I keep observe Magento platform so far. On Jan 2018, OnePlus Confirms Credit Card Breach Impacted Up to 40,000 Customers. A security expert found that Oneplus exploiting Magento eCommerce platform. Heard that over 1000 Magenoto stores as hacked this week (Apr 2018). It looks strange that only for 3 months another new cyber security accident happen again. Security experts observed there are three possible ways make the incident happen.

1. Insert malicious code in Magento core files.

2. Attackers deploy cryptojacking scripts that mine Monero on the computers of store visitors.

3. Adobe Flash Player update packages, which would infect users with the AZORult infostealers.

Remark: TrendMicro investigation report display in below url for reference.

But my observation looks have different than above. For more details, please refer to above diagram.