Millions Of Lenovo PCs Vulnerable To 'Superfish' Hack; How To See If You're Affected
Lenovo has been accused of deploying a new kind of malicious software that, by hijacking a user's Internet connection, forces them to see ads approved by the company. The malware, known as “Superfish,” renders encryption irrelevant and makes it possible for hackers to easily pose as Google, Bank of America and other institutions that users implicitly trust with their most sensitive information.
Lenovo customers have been complaining about Superfish since last year, claiming that there is no way for them to stop the company from interfering with their Web activity. Superfish broke the HTTPS connection, which protects users when they enter their log-in credentials or financial information on any major website. However, while doing so, Lenovo failed to adequately cover its own tracks and left users vulnerable to victimization from nefarious third parties.
This type of attack, known as a Man In The Middle hack, undermines the entire idea of HTTPS protection, a fundamental piece of online encryption.
“This means that hackers at your local cafe WiFi hotspot, or the NSA eavesdropping on the Internet, can use that private-key to likewise intercept all SSL [encrypted] connections from Superfish users,” Robert Graham of Errata Security told Forbes, adding that Superfish is “an egregious security failure.”
Mark Hopkin, a Lenovo community administrator, announced late in January that the company would no longer install the malware onto new computers, at least until the company can “build a software that addresses these issues.”
Yet Superfish dates back at least two years and Lenovo, which is the biggest PC manufacturer in the world, sold 16 million computers in the 4th quarter of 2014 alone.
Google Chrome and Internet Explorer users are most vulnerable, while the Firefox browser appears to be largely unaffected as it has its own list of SSL certificate providers.
However, the good news is that it's not difficult to find out if you've been targeted. To find out if you've been affected by Superfish:
1. Open the Windows Control Panel. Search for “certificates.”
2. Follow the Administrative Tools link to the “manage computer certificates” option.
3. Follow the “Trusted Root Certification Authorities” link, then the “Certificates” link.
4. Try to find a certificate that includes mention of “Superfish Inc.” If it's there, you're vulnerable.
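The same check can be scripted. The PowerShell below is an added example, not part of the original article or anything published by Lenovo; it reads the Windows "Trusted Root Certification Authorities" stores for the computer and the current user and lists any certificate whose subject or issuer mentions "Superfish". Matching on that text rather than on a specific thumbprint is an assumption that follows step 4 above.

```powershell
# Added example: read-only, scripted version of the manual check above.
# Assumption: a certificate counts as a hit when "Superfish" appears in its
# Subject or Issuer, as step 4 describes. No thumbprint is compared because
# the article does not give one.
$pattern = 'Superfish'

$stores = @(
    'Cert:\LocalMachine\Root',   # Trusted Root Certification Authorities (computer)
    'Cert:\CurrentUser\Root'     # Trusted Root Certification Authorities (current user)
)

$hits = foreach ($store in $stores) {
    # Skip a store that is not present on this system
    if (-not (Test-Path -Path $store)) { continue }

    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
        ForEach-Object {
            # Keep only the fields needed to identify the certificate
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Issuer     = $_.Issuer
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
            }
        }
}

if ($hits) {
    Write-Warning "Trusted root certificate mentioning '$pattern' found: this machine is affected."
    $hits | Format-List
} else {
    Write-Output "No trusted root certificate mentioning '$pattern' found in the stores checked."
}
```

The script only reads the Windows certificate stores and changes nothing; it does not inspect Firefox, which keeps its own certificate list.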
The bad news for anyone affected by the security flaw is that there is no sure-fire way to delete the certificate. The safest option, according to multiple security experts, is to back up your computer's most sensitive files and reinstall the entire operating system.
The glaring security flaw immediately prompted outrage and mockery from the tech punditry:
© Copyright IBTimes 2024. All rights reserved.