The presence of the card stealer was noticed by Troy Mursch, a security researcher who runs the Bad Packets website.
In a tweet, Mursch said: "On May 14, we noticed the site was compromised around 4:30 AM UTC (3.30pm AEDT on Wednesday) and notified multiple Forbes contacts via email. At 2:00 PM UTC, the site was taken offline. Around 6:00 PM UTC the website was back online, minus the malware."
⚠️ WARNING ⚠️@Forbes Magazine subscription website (https://t.co/VqCahQHj9X) is infected with #magecart malware.— Bad Packets Report (@bad_packets) May 15, 2019
Exfil domain: fontsawesome[.]gq (??)@urlscanio results: https://t.co/Su3ziLZd3w
Deobfuscated code: https://t.co/jb0ULmq0Et pic.twitter.com/zlRGZ5k2hE
The chief of security firm RiskIQ, Yonathan Klinsjma, who has made a detailed study of Magecart, said last year that since 2016 he had publicised the spread of devices known as card skimmers — hidden within credit card readers on ATMs, petrol pumps and other machines where people paid with credit cards — to steal credit card data.
Mursch later tweeted that the site was back online "and we've confirmed the malware has been removed".
They clearly need Blockchain. pic.twitter.com/x408L6dLDs— Kevin Beaumont (@GossiTheDog) May 16, 2019
However he warned: "If you made a purchase on the site while it was compromised, your credit card information was likely stolen."
The site appears to down at the time of writing (8.50am AEDT, Friday).