Equifax website hit by malvertising – will the pain never end?


We suspect that you’ve heard the proverb, “It never rains but that it pours”.
It means that when bad stuff starts, you often get a whole lot of it hammering down on you – a literary way of suggesting that things are going to get worse before they get better.
People have been saying that proverb for 300 years or more, but it could have been written especially for Equifax, the way things are going.
First there was the breach, then the silly domain name, then the tweet that advertised a mis-spelling of the silly domain name, then the news that the breach was bigger than first thought, and then the news that the breach was bigger than first thought by more than was first thought.
How do you top that?
According to security blogger Randy Abrams, you top it by getting hit by malvertising.
That’s when a third-party company that you trusted to deliver content into your website (ads, perhaps, or some sort of tracking service)…
…screws up and delivers dodgy content that turns your site into a temporary but visible purveyor of tat.
Abrams published a short video showing him browsing to Equifax’s signup page to request a personal information check – as you might do after a breach.
(Abrams says he was signing up so he could check his data because he suspected there might be a mistake in it that he wanted to correct.)
He started here:
But then you see his browser quickly bouncing him through a sequence of third-party domains, ending up on a content delivery network called centerbluray, which promptly offered up a fake Flash Player Install that claimed it would update you to the latest version of Flash:
As Abrams drily quipped on his blog:
Seriously folks. Equifax has enough on their plate trying to update Apache. They are not going to help you update Flash.
What happened?
According to Reuters, Equifax explained the blunder as follows:
The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content.
In a word, malvertising, which we defined above.
The page that Abrams was on when the SNAFU happened now redirects to an Equifax holding page that tells the story rather differently (and uses an unencrypted, unauthenticated HTTP page to present its upbeat message about better service, too):
So, there you have it – Equifax is “working diligently to better serve you.”
As we said at the start, it never rains but that it pours.

