Home / Explore Technology / Security / Adware Hits Equifax Website

Adware Hits Equifax Website

Credit reporting agency Equifax already earned its place in the history books for a "cybersecurity incident" that impacted more than half of all adult Americans. Names, Social Security numbers, birth dates, addresses, and driver's license numbers were all exposed through the company's website.

Equifax responded to the breach with "supreme arrogance," but it seems the company failed to learn anything from its security failings. Proof of that appeared yesterday when the Equifax website was compromised yet again.

As Arstechnica reports, for several hours yesterday, October 11, anyone visiting the Equifax website may have been presented with a Flash Player update prompt. It was fake, and opting to install the update saw your PC infected with adware (specifically Adware.Eorezo).

Here's a video showing how the malicious Flash Player update prompt appears while browsing the site:

The situation was made worse because only three antivirus providers (of 65) detected the adware being used and offered protection (Panda, Symantec, and Webroot). Everyone else was left dealing with an infected machine, or at least having one of the four domains the hack redirects through flagged as suspicious by security suites.


Independent security analyst Randy Abrams discovered the hack and managed to trigger it several times yesterday. However, today it seems to have disappeared from the Equifax website. Either someone at Equifax noticed and removed the hack, or the hackers have gone quiet realizing the media was on to them.

The advice for now is to not go anywhere near the Equifax website if you can avoid it.

Read more

Check Also

US Lawmakers Question Handling of Meltdown, Spectre Flaws

A House committee sent letters to the CEOs of several major tech companies regarding their decision to keep the flaws secret from the rest of the industry until January.

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.