Element Vape, a popular online retailer that sells e-cigarettes and related accessories, has its website compromised and loaded with the popular credit card skimmer MageCart.
The news was revealed by Beeping computer, whose analysts examined the website’s code and found the skimmer on the checkout page. The skimmer stole information such as email addresses, credit card numbers and expiration dates, phone numbers, billing addresses, and street and zip codes.
As soon as the existence of the skimmer was confirmed, the publication notified Element Vape, which responded immediately and removed the malicious code from its website the same day.
Last Attack
How the code ended up on the site in the first place remains a mystery, and it’s hard to say if any of the company’s endpoints were infected with malware.
The name of the perpetrator is also unknown. The publication says the stolen data is exfiltrated to an obfuscated, hard-coded Telegram address.
What the investigation revealed is that the attack is most likely recent, as the code was not present on the site at the beginning of February this year.
> MageCart attacks are making a return, targeting hundreds of outdated ecommerce websites
> Retailers using WooCommerce are the next target for Magecart Card Skimmer attacks
> Magecart attacks hit thousands of UK SMEs ahead of Black Friday
Element Vape has been attacked before, Beeping computer says. Back in 2018, it notified its customers that personally identifiable information (PII) might have been leaked to unknown threat actors.
Consumers filed a lawsuit, claiming that the company failed to notify affected individuals in a timely manner and did everything possible to prevent the incident from happening in the first place. The lawsuit was followed by a class action lawsuit in 2019 calling for a jury trial.
While the community reaction to Element Vape seems to be mostly positive, there are a few potential red flags on social media, hints from BleepingComputer. For example, in some US states it is known as TheSY LLC and has a Twitter user base of 13,000. However, his tweets are protected, which is not what you are used to from a company.
Element Vape is yet to comment on the results. Customers interacting with the company are advised to keep both eyes on their credit cards for suspicious transactions.
- You should also check out our list of best firewalls at the moment
This article was previously published on Source link