… This is the people the IRS thinks is competent to handle people’s data, everyone. EQUIFAX just shows us how capable it has become by getting hijacked yet again. This time to deliver fraudulent Adobe Flash updates, which when clicked, infected visitors’ computers with adware that was detected by only three of 65 antivirus providers.
The virus was found by security analyst Randy Abrams. Who just so happened to visit the website today to check false information on his credit report. No doubt thanks to the cybersecurity incident that affected 145 Million Americans. The EQUIFAX website redirected Randy to a domain named hxxp//:centerbluray.info. Obviously the website was suspicious enough.
The adware that was trying to install itself into EQUIFAX customers’ computers is called Adware.Eorezo according to Symantec. The program itself isn’t that harmful because it only opens ads on Internet Explorer. However, it is a program that installs itself as a registry entry in order to be executed at startup.
Abrams thought this would be just a small mishap by EQUIFAX. To fly under the radar, attackers frequently serve the downloads to only a select number of visitors, and then only once. In order words, this would be a day in the park for the cybersecurity department.
He was completely wrong, Abrams encountered the bogus Flash download links on at least three subsequent visits. And it seems like – while EQUIFAX is aware of the issue – they haven’t really thought of a solution to this problem.
It seems like the Senate is right, EQUIFAX is so incompetent to handle anything. The company who hired a Music Major as a chief of cybersecurity isn’t really supposed to handle the data of anyone. Why hasn’t anybody closed this company already? They have proved time and time again that their people can’t handle anything at all.
Look, there’s been allegations that EQUIFAX isn’t the only affected website. And that there’s still other websites made part of a massive Malwaretising campaign. However, the fact still remains that the EQUIFAX website got compromised in some way. And that is unforgivable for a company like this.