October 5th, 2015
Lenovo Owners Alert!
Here’s a community message to all Lenovo owners who bought their computer end 2014: Your computer may be pre-installed with an adware from Lenovo. It’s called the SuperFish adware. What it does is to plant and place advertisements in your browser whenever you surf your Internet. However, because of its security certificate which are self-signed certificate, any HTTPS website (secured website such as Internet banking) could be vulnerable to the man-in-the-middle (MITM) attack as all the secured website would signed by Superfish’s certificate instead of the original bank’s certificate, and hence still be considered valid.
So what it means, is that I could replace the legit bank website with ANY https-enabled website and I can spoof the page to get your user ID and login password and you will not know anything amiss had happened. Scary? I bet it is. Are you vulnerable? If you have used or suspect that you may have downloaded some adware atg some point earlier on, you may wish to head over to https://filippo.io/Badfish/ to check whether you are vulnerable to this.
The list on Lenovo’s website indicated that Superfish may have appeared on these models:
- G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45, G40-80
- U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
- Y Series: Y430P, Y40-70, Y50-70, Y40-80, Y70-70
- Z Series: Z40-75, Z50-75, Z40-70, Z50-70, Z70-80
- S Series: S310, S410, S40-70, S415, S415Touch, S435, S20-30, S20-30Touch
- Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 Pro, Flex 10
- MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11, MIIX 3 1030
- YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11, YOGA3 Pro
- E Series: E10-30
That’s a lot of models, isn’t it?
If indeed you are affected, please follow the instructions in this link to remove the Superfish software.