After compromising large websites or third-party services they use in order to steal credit card information, the Magecart hackers have now turned to vulnerable Magento extensions.
http://feedproxy.google.com/~r/Securityweek/~3/O2U9MNrDLGc/magecart-hackers-now-targeting-vulnerable-magento-extensions