Equifax website hacked again
Credit reporting agency Equifax already earned its place in the history books for a “cybersecurity incident” that impacted more than half of all adult Americans. Names, Social Security numbers, birth dates, addresses, and driver’s license numbers were all exposed through the company’s website.
Equifax responded to the breach with “supreme arrogance,” but it seems the company failed to learn anything from its security failings. Proof of that appeared yesterday when the Equifax website was compromised yet again.
As Arstechnica reports, for several hours yesterday, October 11, anyone visiting the Equifax website may have been presented with a Flash Player update prompt. It was fake, and opting to install the update saw your PC infected with adware (specifically Adware.Eorezo).
Here’s a video showing how the malicious Flash Player update prompt appears while browsing the site:
The situation was made worse because only three antivirus providers (of 65) detected the adware being used and offered protection (Panda, Symantec, and Webroot). Everyone else was left dealing with an infected machine, or at least having one of the four domains the hack redirects through flagged as suspicious by security suites.
Independent security analyst Randy Abrams discovered the hack and managed to trigger it several times yesterday. However, today it seems to have disappeared from the Equifax website. Either someone at Equifax noticed and removed the hack, or the hackers have gone quiet realizing the media was on to them.
The advice for now is to not go anywhere near the Equifax website if you can avoid it.