Join Our Breach Prevention Program 

Start with a Free Dark Web Scan and Baseline Security Assessment. Your Protection is on Us!

IT Specialist Blogs

rss

News, Topics and Opinions on Information Technology

Specify Alternate Text

Does your Lenovo computer have Superfish VisualDiscovery adware (a.k.a. spyware) installed? It’s possible if you purchased a Lenovo PC any time in September of 2014 and thereafter.

This Superfish software intercepts the Lenovo user’s traffic so that the user sees ads displayed that reflect their browsing habits. The problem with this targeted advertising scheme is that it comes with a vulnerability that makes it easy for hackers to attack.

Superfish enables targeted advertising by installing what’s called a trusted root CA certificate.

Browser-based traffic that’s encrypted gets intercepted, unscrambled and recrypted to one’s browser by a man-in-the-middle attack. Due to the trusted root CA, the user’s browser will not show any warnings that there’s something very fishy going on (i.e., an attack).

The private key of the Superfish software can be easily recovered. This enables a hacker to produce certificates for any website that’s trusted by a system that has the Superfish adware installed.

The hacker can then replicate websites, or spoof them, without the user ever knowing it because the browser won’t know it. The type of attack is called SSL spoofing.

Many Lenovo users, hence, have the perspective of, “How DARE Lenovo preinstall this software?!” Lenovo has received harsh backlash and has claimed they’ve discontinued these installations. But this doesn’t reverse the vulnerability of the PCs that already have the adware.

To find out if your Lenovo has this adware, see if it has an HTTP GET request to superfish.aistcdn.com. And then if it does, uninstall it, along with the root CA certificate—don’t just uninstall the adware only; that certificate is what gets the hackers in.

The Microsoft Windows certificate store, and the Firefox and Thunderbird certificate stores, can guide you in managing and deleting certificates.

Right now, the best thing to do is head to this site: https://lastpass.com/superfish/ and then this site: https://filippo.io/Badfish/ to confirm your device doent have the superfish. If both check out OK, you’re good.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. Disclosures.

Showing 0 Comment


Comments are closed.

Interested in submitting content for publication and syndication on the IT Specialist Network?

As a contributing writer on IT Specialist.com, you can quickly gain exposure as an opinion leader or subject matter expert in information technology with our large audience of technical professionals located around the world. And as an added benefit, our website supports multi-lingual textual translation via Google. We welcome new and established authors that specialize in one or more sectors of the IT industry. Once your article(s) is approved for publication, it will be selectively syndicated on our broader IT Specialist Network or platform. Contact us for details.