
Linked – Equifax rival TransUnion also sends site visitors to malicious pages

Turns out the problem here is not that either site got hacked, but perhaps they are both using the same ad-service that was hacked:

The common thread tying the affected Equifax and TransUnion pages is that both hosted fireclick.js, a JavaScript file that appears to invoke the service serving the malicious content. When called, fireclick.js pulls content from a long chain of pages, starting with those hosted by akamai.com, sitestats.com, and ostats.net. Depending on the visitors’ IP address, browsers ultimately wind up visiting pages that deliver a fake survey, a fake Flash update, or an exploit kit.

This is getting to be a huge problem. All it takes is access to the right ad network and you can spread malware around to thousands of people who do nothing more than visit a website that they’ve visited hundreds of times before. It’s one of the reasons people started using ad-blockers. It’s not just that the ads are annoying as hell; they are also potentially dangerous. I’m not interested in turning mine off, and most of the sites that block me until I turn it off just don’t get visited any more. Why should I take the chance that their ad network isn’t running rampant with malware, when this sort of thing has gone on for years? It’s a security weakness that is literally built into the platform, and no one will do anything about it.

https://arstechnica.com/information-technology/2017/10/equifax-rival-transunion-also-sends-site-visitors-to-malicious-pages/
