MALAYSIA’S sweeping ban on online vape sales has not eliminated the industry but instead forced it deeper underground, spawning a sophisticated network of invite-only digital marketplaces that operate beyond the reach of regulators and public scrutiny.

Under the Control of Smoking Products for Public Health Act 2024 (Act 852), the online sale of electronic cigarettes and vaping products is prohibited nationwide.

Yet despite the restrictions, underground operators have quietly migrated from mainstream e-commerce platforms into encrypted social media ecosystems and private online communities.

Access to these hidden marketplaces now requires more than a payment method. Prospective buyers must first secure a referral from an existing customer before their application is reviewed by administrators who verify the referrer’s identity and selectively approve new members.

Only after passing the vetting process are users granted access to extensive catalogues of vape devices, pods and e-liquids, many of which appear to breach Malaysian regulations.

Among the products being openly traded are disposable vape devices offering up to 32,000 puffs per unit — vastly exceeding the 3,000-puff limit permitted under current regulations linked to Act 852.

The underground platforms also reportedly offer flavoured vape products and packaging designs explicitly prohibited under the new law.

The rapid migration away from public-facing e-commerce platforms such as Shopee and Lazada has complicated enforcement efforts, with sellers increasingly relying on encrypted applications, private forums and closed social media groups.

Cybersecurity experts warn that traditional enforcement tools are proving inadequate against the evolving tactics used by illicit vape syndicates.

Cybersecurity firm LGMS Bhd’s chief executive officer Fong Choong Fook said illegal operators had largely abandoned conventional websites in favour of decentralised communication channels.

“It is difficult to police because they don’t even need to set up websites anymore. They operate over forums, chat groups, and Telegram groups. In fact, having a dedicated website is no longer common – they typically operate under social media chat groups,” he told The Star.

Although the Malaysian Communications and Multimedia Commission possesses the technical capability to block illicit websites, Fong said such actions merely offer temporary disruption.

“Technically, it is very easy to block a website. The only problem is that they can spawn a new site every now and then, so it doesn’t solve the problem from the root,” he said.

He added that enforcement becomes significantly more complicated once syndicates shift operations onto encrypted messaging platforms such as Telegram and WhatsApp.

“If they are operating groups on Telegram or WhatsApp, it is very hard to take action. I have seen Telegram groups selling contraband and smuggled goods. These groups are difficult to abolish because it requires cooperation from the social media platform providers to help block them. This takes a long time and involves complex processes and cross-border legal jurisdictions,” Fong explained.

Financial investigations into illegal vape syndicates also remain challenging, despite the availability of digital transaction trails.

Fong noted that authorities may still be able to trace payments made through e-wallet services or bank transfers, though investigations frequently lead only to intermediary or mule accounts rather than the syndicate masterminds.

“You will very likely trace it back to a mule account, not the actual seller. One thing leads to another, and authorities have to investigate the mules to eventually lead them back to the actual syndicate,” he said.

He also urged lawmakers to impose tougher penalties and establish a more transparent whistleblower reporting mechanism, including financial incentives for informants, particularly in cases involving the online targeting of minors.

Meanwhile, Universiti Sains Malaysia Cybersecurity Research Centre director M. Selvakumar said enforcement agencies still possess investigative tools despite the use of encrypted communications.

“End-to-end encryption reduces visibility into message content, but investigations rarely depend only on reading messages,” he said.

“Authorities typically combine complaints, undercover access, device seizures, account attribution, metadata obtained through lawful process and financial investigation.”

Selvakumar said one of the greatest operational difficulties stemmed from the speed at which illicit communities could regenerate and migrate across different platforms and channels.

He added that digital payment systems were more traceable than many users believed.

“Licensed payment providers maintain transaction records and apply anti-money-laundering controls, so even small payments can contribute to an investigative trail,” he said.

“The main challenge is not invisibility but fragmentation as payments may spread across multiple wallets, mule accounts, and intermediaries.”

The Health Ministry had not responded to requests for comment at the time of publication. – May 27, 2026