"Warning: Popular E-cigarette Store Hacked to Steal Credit Cards"

According to Bleeping Computer, Element Vape, a major online seller of e-cigarettes and vaping kits, is serving a credit card skimmer on its website, likely after being compromised by hackers. Researchers have observed Element Vape's website loading a malicious JavaScript file from a third-party website. The file appears to contain a credit card stealer. Threat actors known as Magecart have used such credit card stealers on eCommerce stores by injecting scripts. Multiple webpages of the Element Vape online store, including the homepage, were found to have an obscure base64-encoded script. It remains unknown how long the malicious script has been present on the website. When decoded and analyzed, the discovered script was seen collecting customers' payment card and billing information on the checkout page. The script looks for email addresses, payment card numbers, expiration dates, phone numbers, and billing addresses. This information is then exfiltrated to the attacker through an obfuscated hardcoded Telegram address in the script. In addition, the script has anti-reverse-engineering features to deter analysis by detecting when it is being run in a sandbox environment or in other analysis tools. This article continues to discuss the discovery of a malicious JavaScript file being pulled by Element Vape's website to skim credit cards. 

Bleeping Computer reports "Warning: Popular E-cigarette Store Hacked to Steal Credit Cards"