Credit reporting agency Equifax already earned its place in the history books for a “cybersecurity incident” that impacted more than half of all adult Americans. Names, Social Security numbers, birth dates, addresses, and driver’s license numbers were all exposed through the company’s website.
It seems the company failed to learn anything from its security failings, as the Equifax website was compromised yet again.
As Ars Technica reports, for several hours yesterday, Oct. 11, anyone visiting the Equifax website may have been presented with a Flash Player update prompt. It was fake, and installing it infected PCs with adware (specifically Adware.Eorezo).
Here’s a video showing how the malicious Flash Player update prompt appears while browsing the site:
The situation was made worse because only three antivirus providers (of 65) detected the adware being used and offered protection (Panda, Symantec, and Webroot). Everyone else was left with an infected machine or domains flagged as suspicious by security suites.
Independent security analyst Randy Abrams discovered the hack and managed to trigger it several times yesterday. However, today it seems to have disappeared from the Equifax website. Either someone at Equifax noticed and removed the hack, or the hackers have gone quiet realizing the media was on to them.
The advice, for now, is to not go anywhere near the Equifax website if you can avoid it.