Superfish Adware Flaw allows hackers to have a field day!
The discovery of a serious flaw in Superfish adware has allowed hackers to have a field day! Lenovo unfortunately had preloaded the Superfish adware on its new computers manufactured prior to February 2015, but has released a tool to eliminate the adware. The adware does not properly validate website certificates, and it weakens encryption so that encrypted traffic can be read.
The same code library is used by an Israeli company, Komodia, to circumvent Web encryption with a proxy. The flawed software allows hackers to create bogus certificates that mimic the legitimate ones used by websites, including banks’ online access sites. Visitors to a hijacked website would be redirected to the attacker’s bogus website, and the victim’s browser would give no warning that this redirection was happening.
The Komodia software is at the root of these attacks, which give attackers access to email, social media accounts and bank accounts, and let them install malicious software that could read victims’ encryption keys. Komodia software is also used in parental control software, and users who have that software are warned to remove it. See http://marcrogers.org/2015/02/19/will-the-madness-never-end-komodia-ssl-certificates-are-everywhere/.
Lenovo users are being told to go to a separate website to get the software removed, but the uninstall software tool does not remove the certificate from the root store.
I recommend removal of the software and that Malwarebytes scans and repairs, as well as virus scans, be run on suspected computers as soon as possible.
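Because the uninstall tool leaves the certificate in the root store, it is worth confirming what Windows still trusts after cleanup. The PowerShell below is an added example, not part of the original post or any vendor tool; it only reads the certificate stores and assumes the leftover certificate names "Superfish" or "Komodia" in its Subject or Issuer.

```powershell
# Added example: read-only check of the Windows certificate stores.
# Assumption: a leftover certificate carries "Superfish" or "Komodia"
# in its Subject or Issuer; extend $Names for other affected products.
$Names  = @('Superfish', 'Komodia')
$Stores = @('Root', 'AuthRoot', 'CA', 'TrustedPublisher')
$Scopes = @('LocalMachine', 'CurrentUser')

# Build one case-insensitive pattern from the names above.
$pattern = ($Names | ForEach-Object { [regex]::Escape($_) }) -join '|'

$hits = foreach ($scope in $Scopes) {
    foreach ($store in $Stores) {
        $path = "Cert:\$scope\$store"
        if (-not (Test-Path $path)) { continue }

        Get-ChildItem -Path $path |
            Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
            ForEach-Object {
                [pscustomobject]@{
                    Store         = $path
                    Subject       = $_.Subject
                    Issuer        = $_.Issuer
                    Thumbprint    = $_.Thumbprint
                    NotAfter      = $_.NotAfter
                    HasPrivateKey = $_.HasPrivateKey
                }
            }
    }
}

if ($hits) {
    $hits | Format-List
    Write-Warning "$(@($hits).Count) matching certificate(s) are still trusted; remove them from the store(s) listed above."
} else {
    Write-Output 'No matching certificates found in the checked stores.'
}
```

Browsers that keep their own certificate store, such as Firefox, are not covered by this check and need to be inspected separately.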
If you need help removing this flaw, please give us a call to schedule in-home service or remote repair.