Equifax may have been hacked again
When Equifax’s interim CEO penned a letter of apology on The Wall Street Journal, he admitted that it will take a lot of effort to regain people’s trust. Unfortunately, the company still seems to be lacking when it comes to security, because according to Ars Technica, it’s been hacked yet again. Independent security analyst Randy Abrams told Ars that he was redirected to hxxp:centerbluray.info and was met with a Flash download when he went to equifax.com to contest a false info on his credit report.
The fake Flash installer apparently tricks people into downloading what Symantec identifies as Adware.Eorezo, an adware that inundates Internet Explorer with advertisements. Unfortunately, we can’t replicate the problem, but Abrams said he encountered the issue on three separate visits and captured one of them on video:
We reached out to Equifax to ask whether the company has already cleaned up the adware downloader. To be safe, though, don’t click on any random Flash installer that pops up when you visit the agency’s website in the near future.
Source: Ars Technica