A corporation’s quest for cash can sometimes be harmless if they have properly thought it through. However in Lenovo’s case, this is not. The pre-installed adware named Superfish was caught of over-riding your security system that would then leave you vulnerable to cyber-attacks.
It is well and good that Lenovo uses adware for more gains, but when that adware potentially puts its users at risk from cyber-attacks, then it concerns not only the Lenovo corporation but also its consumers.
“Going forward, we feel quite strongly that we made a significant mistake here, or we missed something here.”
Lenovo CTO, Peter Hortensius
What Is Superfish?
An adware is a software developed for one purpose only, and that is to advertise. Some may be harmless but most are a threat as they are considered privacy invasive and Superfish Adware is surely one of them. This adware hijacks all secure HTTPS connections on infected PC’s which then leaves it vulnerable to attacks. The “S” on HTTPS means that the connection through the internet is secure. This involves banking sites, Paypal, and other important sites that involve sensitive information which only you should know. The Superfish can potentially use third party connections and gather sensitive information like usernames, passwords, bank details and the sort off of your system.
The Superfish is also capable of checking web traffic and sending that data onwards for its main purpose and that is to advertise. A security expert Kenn White also showed us on Twitter how it works by issuing a certificate to Bank of America but then Superfish changed the issuer’s name to its name instead of the usual VeriSign. It clearly shows us how dangerous Superfish Adware is.
Potentially Infected Lenovo PCs
The following are the Lenovo products that can potentially be at risk at the moment:
- G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
- U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
- Y Series: Y430P, Y40-70, Y50-70
- Z Series: Z40-75, Z50-75, Z40-70, Z50-70
- S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
- Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
- MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
- YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
- E Series: E10-30
How To Remove Superfish
Thankfully, there are ways to get rid of this adware and since Windows Defender and McAfee update now removes this threat, you can just simply update your system and have a Superfish-free system. If you don’t use any of these protective softwares, you can just follow these easy steps by EEF.org.
Lenovo has also released a patch that could also remove Superfish too. However if this experience has already put you off Lenovo, you could try using all the anti-malware software to erase them instead.
Keep Safe And Be Prepared
We are currently living in a digital world which could mean that this error can put millions of users at risk. This just goes to show that even sitting safely in front of your desktop or laptop can still make you a victim of fraud and other online injustice that can occur. A few suggestions that I would like to recommend is having a trusted anti-virus and anti-malware software installed and to be sure that you are on a secured site. Always keep an eye out of HTTPS and you are safe!
