dcsimg

3rd-Party JavaScript Code Adds Malware to Equifax, TransUnion Sites

By HTMLGoodies Staff

WEBINAR:
On-Demand

Application Security Testing: An Integral Part of DevOps


A recent incident involving two well-known financial services companies serves as a reminder to Web developers to be very careful about incorporating third-party code into their websites. Equifax, which has been in the news following a record-breaking data breach, and its rival TransUnion were both recently found to be serving malware from their websites. Some users who visited the companies’ sites saw fake Flash player update notices that would download malware when clicked.

"The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor's code running on an Equifax website was serving malicious content," Equifax stated. "Since we learned of the issue, the vendor's code was removed from the webpage and we have taken the webpage offline to conduct further analysis."

View article



Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.

    By submitting your information, you agree that htmlgoodies.com may send you HTMLGOODIES offers via email, phone and text message, as well as email offers about other products and services that HTMLGOODIES believes may be of interest to you. HTMLGOODIES will process your information in accordance with the Quinstreet Privacy Policy.

  •  
  •  
  •  
Thanks for your registration, follow us on our social networks to keep up-to-date