Number: IRCNE2015022430
Date: 2015/02/23
According to “cnet”, the computer manufacturer pre-installed adware on its own computers. The adware, Visual Discovery by Superfish, not only puts extra ads in your browser, but also opens a backdoor for hackers to spy on your browsing and steal personal data.
On Thursday security researchers warned that an adware program called Superfish, which was preloaded on some Lenovo consumer laptops, opened computers to attack. However, it seems that the same poorly designed and flawed traffic interception mechanism used by Superfish is also used in other software programs.
Superfish uses a man-in-the-middle proxy component to interfere with encrypted HTTPS connections, undermining the trust between users and websites. It does this by installing its own root certificate in Windows and uses that certificate to re-sign SSL certificates presented by legitimate websites.
Security researchers found two major issues with this implementation. First, the software used the same root certificate on all systems and second, the private key corresponding to that certificate was embedded in the program and was easy to extract.
With the key now public, malicious hackers can launch man-in-the-middle attacks via public Wi-Fi networks or compromised routers against users who have Superfish installed on their systems.
- 3