A fake pop-up prompting users to “update” their Adobe Flash program on Equifax’s website has many experts wondering if the credit monitoring company has been hacked again.
The Ars Technica blog is reporting:
Randy Abrams, an independent security analyst by day, happened to visit the site Wednesday evening to contest what he said was false information he had just found on his credit report. Eventually, his browser opened up a page on the domain hxxp:centerbluray.info …
He was understandably incredulous. The site that previously gave up personal data for virtually every US person with a credit history was once again under the control of attackers, this time trying to trick Equifax visitors into installing crapware Symantec calls Adware.Eorezo. Knowing a thing or two about drive-by campaigns, Abrams figured the chances were slim he'd see the download on follow-on visits. To fly under the radar, attackers frequently serve the downloads to only a select number of visitors, and then only once.
The report states Abrams encountered the same problem at least three more times. It concludes that even if the problem is related to a third-party vendor, it’s a critical error that is preventing users of the website from using key functions.
The error stopped occurring about an hour after the Ars Technica report was first published, indicating the website may have been cleaned up. But if the site’s data was compromised in any way, it may take months to find out.