Equifax’s Website Breached, Data Stolen, Malicious Adware Delivered

Hackers attacked the website of Equifax the credit reporting company during May and stole 145.5m American buyers' names, Social Security Numbers (SSN) along with many other details. Over long hours on October 11, losing control to the hackers again, the website served fake updates of Adobe Flash that if opened contaminated the PCs of those visiting it with adware which just 3 antivirus engines out of 65 of Virus Total were able to detect.

Independent security expert Randy Abrams, on October 11, visited the website only to find that his credit statement had false information. While surfing inside his Web-browser, Abrams accessed one page from certain domain namely hxxp:centerbluray.info.

Equifax right now is inaccessible, admitting a considerable hack into it recently which impacted around 145.5m punters because of one ancient security flaw in Apache still un-patched. While the personal data belonging to nearly 50 percent of Americans was lost, the chief executive officer of the company used the opportunity for taking leave. Theinquirer.net posted this dated October 12, 2017.

Malicious hackers, in their usual ruse, commonly compromise certain pages after unlawfully infiltrating the related website for infecting visitors. Frequently, the malware-laden web-links are invisible on the site's different pages, while no indication of the unpleasant situation becomes apparent. In the meantime, pursuing those web-links infects the visitors' PCs.

The adware laden inside the phony update of Adobe Flash, which Virus Total detected, was one hidden file called MediaDownloaderiron.ex. Ars Technica reported this as Randy Abrams told it. As for Equifax, the firm made no comment over the latest incident. Furthermore, nothing is known if Equifax cleaned the redirecting program else if the hackers themselves did so.

However, sometime later, Abrams could not show the redirects which originally took onto the malevolent adware. It is likely Equifax decided better and sanitized its website. It is as well likely that the hackers themselves closed shop temporarily, while enjoying the capability for returning when they want to and plundering visitors with even worse misfortunes. An e-mail to Equifax containing one web-link opening onto a relevant video while seeking the company's comment went unanswered.

» SPAMfighter News - 10/18/2017