October 12, 2017 by

Equifax Website Hacked Again with Malware Flash Redirect

Credit reporting giant Equifax which suffered the ignominy of exposing the personal data of nearly 150 million people has been hacked again.

First noticed by security researcher Randy Abrams, an independent security analyst, the compromise sees the browser redirect the user from Equifax’s website to a website offering a faux Flash update riddled with malware. Abrams was visiting the website to contest what he saw was false information on his credit report, when his browser redirected to a page offering a flash update.

A closer look revealed that the website was indeed compromised, with attackers luring Equifax visitors into installing a strain of malware called Adware.Eorezo, a drive-by campaign.

Hijacking webpages are a common tactic by malicious hackers to target visitors. Abrams tried accessing the website multiple time where he encountered the fake Flash download link pop-up on three subsequent visits. The researcher was able to capture the compromise below wherein the Equifax page redirected the browser to several domains before opening the Flash download at the original page. The file turned out to be an adware named ‘mediaDownloaderIron.exe.

Abrams was unable to reproduce the redirects subsequently, according to ArsTechnica. It’s entirely possible that Equifax moved to clean up its website or that attackers could have paused their driveby payload temporarily before resuming at a later time.

If Equifax really was compromised, again, it will be another blow to the embattled company whose CEO stepped down after the infamous data breach of social security numbers and other personal information of 145.5 million Americans last month.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Equifax CEO Retires after Data Breach of 143 Million U.S. Customers

The CEO of credit reporting agency Equifax is stepping down as a direct result of the infamous data...

Read more arrow_forward

Equifax’s Credit-Monitoring Site is also Vulnerable as US Senators Demand Answers

The website set up by Equifax to enable credit account monitoring following last week’s...

Read more arrow_forward

Equifax Data Breach Exposes 143 Million Users’ Data to Identity Theft

Major credit reporting firm Equifax has confirmed a data breach that affects a staggering 143...

Read more arrow_forward