Screengrab via Dan Goodin/YouTube


You’d think increasing security would be at the top of Equifax’s list of priorities after it was brought to its knees by what could end up being the worst cyberattack in history. Sadly, that doesn’t appear the case. The company’s site was reportedly breached yet again on Thursday morning, according to a report from Ars Technica.

Independent security analyst Randy Abrams told Ars he came across an attempt to infiltrate user’s computers using a fake Adobe Flash pop-up. When clicked, the download link would infect a computer with adware that could only be detected by three of 65 antivirus products.

Abrams stumbled over the alleged adware while checking on his credit report. After clicking his way through the customer service page, he eventually hit a domain named “hxxp//” that tried to get him to download software called Adware.Eorezo.

Here’s a video uploaded by Ars Technica’s Dan Goodin showing the path Abrams took to reach the domain.

It’s not clear how the ad got there, but many security researchers believe a third-party working with Equifax is at fault. Equifax told Ars that it’s aware of the issue and has temporarily taken the page offline.

We are aware of the situation identified on the website in the credit report assistance link. Our IT and Security teams are looking into this matter, and out of an abundance of caution have temporarily taken this page offline. When it becomes available or we have more information to share, we will.

We tried to reach the Flash Player install pop-up ourselves but quickly hit a dead-end, “We’re sorry…the website is currently down for maintenance. We are working diligently to better serve you, and apologize for any inconvenience this may cause. We appreciate your patience during this time and ask that you check back with us soon,” it now reads.

If you need to go on Equifax’s website, do yourself a favor and avoid pressing on any random pop-ups or download links.

We’ve reached out to Equifax for more info, and will update this article if we hear back.

Phillip Tracy

Phillip Tracy

Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.

Huge Equifax data breach affects almost 148 million Americans (updated)
Check if you've been comprised ASAP. Here's how.
From Our VICE Partners