3rd-Party JavaScript Code Adds Malware to Equifax, TransUnion Sites

By HTMLGoodies Staff

WEBINAR: On-demand webcast

How to Boost Database Development Productivity on Linux, Docker, and Kubernetes with Microsoft SQL Server 2017 REGISTER >

A recent incident involving two well-known financial services companies serves as a reminder to Web developers to be very careful about incorporating third-party code into their websites. Equifax, which has been in the news following a record-breaking data breach, and its rival TransUnion were both recently found to be serving malware from their websites. Some users who visited the companies’ sites saw fake Flash player update notices that would download malware when clicked.

"The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor's code running on an Equifax website was serving malicious content," Equifax stated. "Since we learned of the issue, the vendor's code was removed from the webpage and we have taken the webpage offline to conduct further analysis."

View article



Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.
  •  
  •  
  •  
Thanks for your registration, follow us on our social networks to keep up-to-date