February 24, 2015
Some Lenovo laptops that have shipped since August include a pre-installed adware program known as Visual Discovery by Superfish. While Superfish is designed to serve ads, it reportedly does so in a dangerous way that leaves users vulnerable to hackers. While Lenovo claims that it has investigated the tech and does “not find any evidence to substantiate security concerns,” Internet security analysts suggest a major problem still exists. The Department of Homeland Security warns that Superfish makes users vulnerable to SSL spoofing.
This type of cyberattack allows remote attackers to “read encrypted web traffic, redirect traffic from official websites to spoofs, and perform other attacks,” reports Reuters. Homeland Security issued a formal notice warning of the potential threat.
“Adi Pinhas, chief executive of Palo Alto, California-based Superfish, said in a statement that his company’s software helps users achieve more relevant search results based on images of products viewed. He said the vulnerability was ‘inadvertently’ introduced by Israel-based Komodia, which built the application described in the government notice.”
While a number of news organizations have been quick to jump on Lenovo, some have since pointed out that the company is not the only one using such SSL-breaking certificates.
Symantec discovered a malicious program back in December, known as Trojan.Nurjax, which hijacks browsers.
“According to a blog post published Friday by a security researcher from Facebook, Nurjax is one such example of newly found software that incorporates HTTPS-defeating code from… Komodia,” reports Ars Technica. “Combined with the Superfish ad-injecting software preinstalled on some Lenovo computers and three additional applications that came to light shortly after that revelation, there are now 14 known apps that use Komodia technology.”
Lenovo’s Response to Its Dangerous Adware is Astonishingly Clueless, Wired, 2/19/15
You Had One Job, Lenovo, Slate, 2/20/15