‘Superfish’ adware puts ads onto websites without users’ permission, and could leave the computer vulnerable
ANDREW GRIFFIN Thursday 19 February 2015
New Lenovo computers came shipped with software that forced ads onto the users and could have left them vulnerable to hacking.
The adware, known as “Superfish”, was made to push new third-party results into internet browsers — similar to the ads seen on sites like Google, but extra and coming from a source that wasn’t immediately identified. The adware meant that some sites wouldn’t render properly and worked slowly, as well as showing the unwanted results.
But as well as installing ads, the way the software works could allow hackers to look in on users’ internet browsing. Facebook engineer Mike Shaver noticed that Superfish installs a “man in the middle” certificate, which allows companies to intercept information as it is passed between a users’ computer and a website.
Superfish is seen by antivirus software as a virus, and they recommend uninstalling it.
The software appears to have been shipped with Lenovo computers since mid-2014.
The only way to be sure that new Lenovo laptops aren’t carrying the adware is to entirely delete windows and re-install it. But given that the software works secretly, most will be unaware it is running, and a clean install of Windows is a complicated and technical process that many consumer users might be unaware of.