Lenovo has been selling computers with a pre-installed adware program that could allow hackers to (pretty easily) steal personal information such as passwords and bank credentials.
The adware, created by a company called Superfish, was intended to deliver users targeted ads based on their browsing history and online activity. Although many people have found the program and its injected ads to be obnoxious, sending Lenovo complaints since early Fall, now tech researchers have found a serious issue with the software.
Superfish’s adware works by “hijacking the trusted Certificates that websites use to connect securely to web browsers … doing so in such a way that made it possible for the company, and hackers, to take complete control of their machines”, according to The NY Times.
Because Superfish hijacks trusted Certificates, hackers can create fake websites that look legitimate to your computer’s antivirus software. For example, a hacker might create a fake bank website; to which you would unknowingly log in and give away your information without any warning from your computer. An article in Slate Magazine says that it could be as simple as a hacker sitting nearby at a cafe, using the same Wi-Fi network you’re on to “intercept the encrypted communications” through the huge hole “Superfish intentionally pokes”.
So, how do you know if you have Superfish on your machine?
Superfish came pre-installed on consumer laptops shipped between October and December 2014. Lenovo has now released a statement that includes a list of specific models here. Even if you don’t have one of the listed models or even a Lenovo, it’s still a good idea to check your computer as many sources are saying anybody could have this software or something similar.
How to test for Superfish on your computer:
TEST: If you are using Internet Explorer or Chrome to read this, click here to test your computer for Superfish (this test won’t work if you are using Firefox).
How to remove Superfish from your computer if you do have it:
Step 1: Open Windows start menu and search “remove programs” and select “add or remove programs”
Step 2: Right-click on “Superfish Inc. VisualDiscovery”, select uninstall.
Step 3: Go back to start menu and search for certmgr.msc and click launch.
Step 4: Click on “Trusted Root Certification Authorities” and open Certificates.
Step 5: Look for any Certificates that include Superfish Inc. and right-click to delete.
Step 6: Restart your browser then head back to re-test your computer.
Even after deleting Superfish and its Certificates from your site, your computer still may be at risk. Slate.com suggests “wiping the entire machine and installing vanilla Windows – not Lenovo’s Windows. Then change all of your passwords”.
Sources: http://bits.blogs.nytimes.com/2015/02/24/lenovos-chief-technology-officer-discusses-the-superfish-adware-fiasco/?_r=0 http://www.slate.com/articles/technology/bitwise/2015/02/lenovo_superfish_scandal_why_it_s_one_of_the_worst_consumer_computing_screw.html http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/ http://lifehacker.com/how-to-test-your-pc-for-the-new-superfish-security-vu-1686788663 http://news.lenovo.com/article_display.cfm?article_id=1929