Lenovo CTO admits SuperFish adware Spoof attack, Is this the end of problem ? or Just the Beginning ?

Posted by Ahmed Nabil | 1 comments»
Lenovo CTO admits the problem of SuperFish adware which was loaded on several consumer Lenovo PCs/Laptops and confirms the company has published the needed removal tools

http://www.pcworld.com/article/2886690/lenovo-cto-admits-company-messed-up-and-will-publish-superfish-removal-tool-on-friday.html

Lenovo additionally is promising its customers with a more cleaner and safer future products in attempt to save its reputation after what happened lately with the SuperFish.

http://news.lenovo.com/article_display.cfm?article_id=1934


How did the story begin ?

Lenovo came under fire last Month (February) after it was discovered that it was preinstalling the SuperFish Adware on Lenovo Laptops since 2010. The reports came heavily from different sources confirming this fact until Lenovo itself admitted the issue and released a removal tool.


http://www.cyberdefensemagazine.com/lenovo-sold-laptop-with-pre-installed-superfish-malware/

http://www.zdnet.com/article/lenovo-accused-of-pushing-superfish-self-signed-mitm-proxy/


The United States Cert (US-Cert) released this issue as a spoofing attack https://www.us-cert.gov/ncas/alerts/TA15-051A

Lately The United States Department of Homeland security asked Lenovo to uninstall SuperFish from its products http://www.reuters.com/article/2015/02/20/us-lenovo-cybersecurity-dhs-idUSKBN0LO21U20150220


What is SuperFish ?

Its an advertising company based in California and was founded in Israel back in 2006 developing various advertising software based on visual search engine. This Adware installs its own certificate and act as a Man in the Middle proxy with HTTPS connections that are encrypted making users vulnerable.

For More details on how it work, please check the following link:

http://www.forbes.com/sites/thomasbrewster/2015/02/19/superfish-need-to-know/



Microsoft and MacAfee Antivirus reacted quickly and their engines were updated to remove the SuperFish vulnerability from Lenovo Laptops

http://mashable.com/2015/02/21/microsoft-mcafee-lenovo-superfish/



Will this end the problem ? Well many of the consumers and IT professionals already blacklisted Lenovo Laptops and they won't be using it anymore. A Lawsuit is already filed against Lenovo although they admitted it was a mistake. For more details please check the following article:

http://www.computerweekly.com/news/2240241032/Lenovo-faces-lawsuit-for-pre-installing-Superfish-adware


Things didn't stop on the Lenovo reputation or the legal actions, Actually things are getting worse, it was tracked that the SuperFish is based on a 3rd party SDK (Software Development Kit) called SSL Decoder created by an Israeli company named Komodia. Several users now are compiling lists of software and applications using this SDK.

For more details, please check the following article:

http://www.pcworld.com/article/2887253/superfish-vulnerability-traced-to-other-apps-too.html

So what should we do in this totally un-secure environment, I believe we should stick back to the basis as educating users and our selves. The Internet can be a good educational place but at the same time there is this dark side that no one would like to face nowadays.

We need to be extra cautious for Public Wi-Fi networks, regularly check our passwords and ensure they are hardened, regularly check our Credit Cards and ensure our devices are protected by at least two protection layers (Personal Firewall, Antivirus/Spyware and Vulnerability scanners).


Securing our devices is getting harder and threats are changing all the time and sometimes are shipped with trusted software. We need to be extra cautious as long as we are on the Internet.






1 Comments
Comments

1 comments:

Post a Comment