Back to Blog

Equifax in Trouble Again After Site Displays Malicious Content

October 13, 2017

By: Sikur


by Phil Muncaster


Equifax has been left red-faced again after its website began displaying malicious content stemming from third party vendor code.

Reports started to emerge over the past day or so that users clicking through on the main site were being presented with a scam Adobe Flash update page with a URL.

The domain is detected only by Google and Malwarebytes as malicious.

Clicking on said update would infect the user’s computer with adware, currently only detected by three out of 65 AV firms on VirusTotal: Panda, Symantec and Webroot.

A statement Equifax sent to researcher Kevin Beaumont revealed the problem was down to a third-party partner:

“Despite early media reports Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal.

“The issue involves a third party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis.”

Although this incident turned out to be a supply chain hack on a partner, it threatens to further damage the reputation of the under-fire credit reporting agency, which was breached earlier this year and the highly sensitive records of 145.5 million Americans and 700,000 Brits compromised.


Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

Follow us


Contact Us
First Name*
Last Name*
Mobile Number*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
I agree to the Privacy Policy and Terms of Service.