Home / Explore Technology / Security / Equifax Website Hacked Again

Equifax Website Hacked Again

Credit reporting agency Equifax already earned its place in the history books for a "cybersecurity incident" that impacted more than half of all adult Americans. Names, Social Security numbers, birth dates, addresses, and driver's license numbers were all exposed through the company's website.

Equifax responded to the breach with "supreme arrogance," but it seems the company failed to learn anything from its security failings. Proof of that appeared yesterday when the Equifax website was compromised yet again.

As Arstechnica reports, for several hours yesterday, October 11, anyone visiting the Equifax website may have been presented with a Flash Player update prompt. It was fake, and opting to install the update saw your PC infected with adware (specifically Adware.Eorezo).

Here's a video showing how the malicious Flash Player update prompt appears while browsing the site:

The situation was made worse because only three antivirus providers (of 65) detected the adware being used and offered protection (Panda, Symantec, and Webroot). Everyone else was left dealing with an infected machine, or at least having one of the four domains the hack redirects through flagged as suspicious by security suites.

Related

Independent security analyst Randy Abrams discovered the hack and managed to trigger it several times yesterday. However, today it seems to have disappeared from the Equifax website. Either someone at Equifax noticed and removed the hack, or the hackers have gone quiet realizing the media was on to them.

The advice for now is to not go anywhere near the Equifax website if you can avoid it.

Read more

Check Also

DNC: That Hacking Attempt Was Actually a Test

"We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder," the DNC's chief security officer Bob Lord said in a statement.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.