The giant computer tech company Lenovo has apparently been installing adware onto new consumer computers. The adware is turned on when you start the computer and injects third-party ads on Google searches and websites without the user’s permission.
The adware, called Superfish, didn’t only serve unwanted ads on Google: it also delivered pop-ups and left “secure” data vulnerable to prying eyes. It also installed its own certificate on the computer. Certificates are what the computer relies on to decide which websites, software and drivers to trust and which not to trust. This means that people who knew the details of this certificate could use it with any other malware they want, making your computer think it’s totally fine. It also means that SSL certificates can be forged, which lets someone keep track of your every move online. This malicious technique is commonly known as a man-in-the-middle attack, and it is much more dangerous than selling ads.
Naturally, users complained, and a Lenovo community administrator, Mark Hopkins, wrote in late January that the software would be temporarily removed from current systems. However, the company didn’t take responsibility for its actions. Instead, it defended Superfish, saying that it “helps users find and discover products visually” and “instantly analyzes images on the web and presents identical and similar product offers that may have lower prices.”
Interestingly enough, most antivirus software identified Superfish as dangerous and recommended removing it.
Firefox users were safer, because the browser maintains its own certificate store. If you want to check if you’re affected by Superfish, you can check out this website, which also gives information on how to deal with the security issues. Lenovo has also released detailed instructions on how to fully remove Superfish from affected systems.
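
One way to check the Windows certificate store for the certificate described above, as an added example that does not come from Lenovo or the original article. It assumes the installed certificate carries the name "Superfish" in its subject or issuer, since the article gives no fingerprint to match on.

```powershell
# Added example: look for a Superfish root certificate in the Windows
# trusted-root stores (machine-wide and per-user).
# Assumption: the certificate's Subject or Issuer contains "Superfish".
$pattern = 'Superfish'
$stores  = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$hits = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
        Select-Object @{ n = 'Store'; e = { $store } },
                      Subject, Issuer, Thumbprint, NotBefore, NotAfter
}

if ($hits) {
    # A match means Windows still trusts certificates signed by this root.
    Write-Warning "Found $(@($hits).Count) matching root certificate(s):"
    $hits | Format-List
} else {
    Write-Output "No certificate matching '$pattern' in the Windows trusted-root stores."
}
```

This only inspects the Windows stores. Firefox keeps its own certificate store, so it has to be checked separately in the browser.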