Element Vape, a popular online retailer for e-cigarettes and many other accessories recently had its website compromised and loaded with a popular credit card skimmer, MageCart.
BleepingComputer revealed the news whose analysts investigated the website’s code and found the skimmer on the checkout page. The skimmer is known to steal information such as email addresses, credit card numbers, expiration dates, phone numbers, billing addresses, and street and ZIP codes.
As soon as the existence of the skimmer was confirmed, the publication notified Element Vape, which reacted promptly, eliminating the malicious code from its website on the same day.
The mystery of how the code ended up on the website remains unknown and it is hard to tell if any of the company’s endpoints were infected with malware.
The name of the attacker is also currently unknown. While the publication states that the data stolen was sent to a hardcoded Telegram address.
An investigation revealed that the attack is most likely from a newer date, as the code was not present on the site earlier in February.
BleepingComputer claims that Element Vape has been attacked before back in 2018, potentially leaking personally identifiable information (PII) to unknown threat actors.
The consumers filed a lawsuit, claiming the company did not notify affected individuals on time and took no action to prevent the incident.
Element Vape has yet to comment on the findings.