Equifax’s massive data breach – which put the personal information of nearly 150 million Americans at risk – doesn’t really seem like it can get much worse. Of course, we’re learning today that making such a challenge is a foolish thing indeed, as it has gotten worse. How bad is it? That depends on how you feel about potentially being exposed to malware.
We’re guessing most Equifax users aren’t too fond of that notion. According to Ars Technica, Equifax’s website has been seemingly compromised once more, serving up malicious adware to visitors both last night and early this morning. Ars was tipped off by Randy Abrams, a security analyst who visited the site Wednesday evening to contest false information on his credit report.
Instead of filling out the form required of him, he was redirected to hxxp://centerbluray.info, which attempted to get him to install a bogus Flash Player. Obviously, that download doesn’t actually install Flash Player, but rather malware identified by Symantec as Adware.Eorezo. Though Abrams at first suspected that this was a drive-by campaign – wherein the malicious downloads are offered only once to a select number of visitors – he was prompted to install the malicious download on three later visits.
Abrams put together the video you see above, in which the Equifax site redirects to the download in question. While Abrams (and many people reading this article) would likely ignore prompts to download the malware from the second they see the pop-up, others may be a little more trusting of a prompt that appears on Equifax’s own website. Even worse, Ars points out that only three antivirus programs – Panda, Symantec, and Webroot – detect that the downloaded file is adware.
For now, it’s unclear how Equifax’s site was breached to allow that download prompt. It’s possible that this is down to a third-party ad network, but after all the grief this Equifax breach has caused, it hardly matters who’s to blame. What matters is that Equifax is once more the purveyor of risk and frustration to consumers who are just trying to get things sorted out in the wake of this breach. We’ll keep an eye on any developments with this story and report back when new information is available, but for now, it may not be a bad idea to stay away from the Equifax website altogether.