Latest in Gear

Image credit: AOL

Equifax may have been hacked again (update: not a breach)

A fake Flash installer that can pop up when you visit its site infects your computer with adware.
2553 Shares
Share
Tweet
Share
Save
AOL

When Equifax's interim CEO penned a letter of apology on The Wall Street Journal, he admitted that it will take a lot of effort to regain people's trust. Unfortunately, the company still seems to be lacking when it comes to security, because according to Ars Technica, it's been hacked yet again. Independent security analyst Randy Abrams told Ars that he was redirected to hxxp:centerbluray.info and was met with a Flash download when he went to equifax.com to contest a false info on his credit report.

The fake Flash installer apparently tricks people into downloading what Symantec identifies as Adware.Eorezo, an adware that inundates Internet Explorer with advertisements. Unfortunately, we can't replicate the problem, but Abrams said he encountered the issue on three separate visits and captured one of them on video:

We reached out to Equifax to ask whether the company has already cleaned up the adware downloader. To be safe, though, don't click on any random Flash installer that pops up when you visit the agency's website in the near future.

Update: Equifax says its IT and security teams are looking into the issue, but while the investigation is in progress, the page has been taken offline. The company plans to share more information as it becomes available.

Update 2: An Equifax rep said the company's website was not compromised, and the errant Flash downloader came from one of its vendors' code.

"Despite early media reports, Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal.

The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor's code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor's code was removed from the webpage and we have taken the webpage offline to conduct further analysis."

From around the web

ear iconeye icontext filevr