Jump to content

Lenovo found guilty of shipping new PCs with Superfish adware


Recommended Posts

Posted

Lenovo found guilty of shipping new PCs with Superfish adware

Lenovo has been under fire today after it was discovered that it has been shipping new PCs with pre-installed adware called Superfish.

Have you recently bought a Lenovo computer? You ought to check if it has any adware on it, as it seems that the Chinese computer company has been shipping all new models with the Superfish adware program.

Users on official Lenovo forums recently noticed that search results (e.g. in Google) were being injected with sponsored links (which is pretty much what happens when a machine becomes infected with adware or spyware), going as far back as September 2015, and some users even report that websites such as JetBlue wouldn’t be displayed properly at all.

Read more: http://tech.thaivisa.com/lenovo-pcs-superfish-adware/5047/

Posted

I wonder if this Superfish software will give you some alternate suggestions to Lenovo the next time you search for a new laptop? :P

  • Like 1
Posted

According to the Dutch Press, it's a little more serious than just adware. The SSL certificate can be hijacked and used to redirect users to a malware site.

A security researcher by the name of Erik Loman demonstrated that fact on his Twitter account because at the time, it was thought that only Google Chrome and Internet Explorer were vulnerable, but not Firefox. As can be seen from his tweet, the Dutch bank site ING.nl shows Superfish as the Certificate Authority instead of Symantec: https://twitter.com/erikloman/status/568421667330002944

If the adware is installed on your laptop, you should be able to see it in Windows Task Manager in the Processes list. It's called visualdiscovery.exe

More details here: http://systemexplorer.net/file-database/file/visualdiscovery-exe

I woud expect that Mozilla will blacklist the Superfish certificate sometime within the next 24 hours. They're usually pretty quick at safeguarding users as soon as they become aware of a vulnerability, unlike Microsoft who probably won't address the issue until the next Patch Tuesday.

Posted

Basically shitty, scammy software which also leaves your computer wide open to attacks.

It's a disgrace that Lenovo initially responded by saying they'd "fix" that POS software. They later changed to say it would be removed and disabled. It is baffling how this ever got released though - does not bode well for the company. Either they're clueless, or .... I mean one has to wonder how this ever got on there, who thought it was a good idea.

Would definitely avoid Lenovo if shopping for a PC.

Posted

How come I am not surprised at all....... but for sure they have scored one giant own goal as this affair will cost them Tens of Millions of lost revenue because many customers will simply SHUN all Lenovo products from now on (including myself).

Sell the Lenovo shares as quickly as you can (they went up more than 60% during thew past twelve months so this is a great time to secure the gains anyway ^^ )

Posted (edited)

It would be fair to publish Lenovo statement regarding this problem, to be found here :

http://news.lenovo.com/article_display.cfm?article_id=1929

I stopped reading at the very first lie:

In our effort to enhance our user experience

Riiigght. Installing this crapware was all about enhancing user experience, the fat payments they received from Superfish in return were nothing to do with it.

Edited by IMHO
Posted

PC shopping list:-

Lenovo

But which other companies are playing the same game?

I don't think I've ever bought a Windows machine with pre-loaded OS that didn't have at least one form of crapware on it. Back in the old days, at least it was just a trialware/crippleware version of McAfee or Norton, and maybe a trialware version of Office, and they were both visible and easy to remove...

I switched our whole enterprise to Apple workstations around 4 years ago. Things like this are now a distant memory - now all we need to do is remove the non-crippled, but yet still crap, standard Apple apps like Numbers, Keynote, Pages etc.

Posted

19 February 2015 Last updated at 12:30 GMT

Lenovo taken to task over 'malicious' adware
By Jane Wakefield
Technology reporter
Computer maker Lenovo has been forced to remove hidden adware that it was shipping on its laptops and PCs after users expressed anger.
The adware - dubbed Superfish - was potentially compromising their security, said experts.
The hidden software was also injecting adverts on to browsers using techniques more akin to malware, they added.
bbclogo.jpg
-- BBC 2015-02-19
Posted

According to the BBC article, Lenovo's malware pops up adverts that the user never asked for. This is a horrible thing for Lenovo to do.

  • Like 1
Posted

This has the potential to seriously damage Lenovo's credibility.

Even if their 'pro' equipment didn't ship with malware, risk-averse corporate clients will be dumping the brand like hot potatoes unwilling to take the risk with a brand that has been demonstrated as a security risk.

Foolish beyond compare.

  • Like 1
Posted

This has the potential to seriously damage Lenovo's credibility.

Even if their 'pro' equipment didn't ship with malware, risk-averse corporate clients will be dumping the brand like hot potatoes unwilling to take the risk with a brand that has been demonstrated as a security risk.

Foolish beyond compare.

Whilst true, most corporates who are serious about security will have their own "hardened" operating systems to install, and the first thing they'll do is wipe factory installed software.

  • Like 1
Posted

Let's see how the 'free market' responds to this news. I can see the new ads already.

Lenovo

We no longer spy on you, honestly!

Prediction: Lenovo will have to change its name.

Could be some deep discounts in a few months; bring it home, and the first order of business will be to scrub the disk.

Posted

Lenovo is a Chinese company that bought the IBM line of computers some time back. They also recently bought the Motorola brand of smartphones.

I wouldn't buy a danged thing from them.

Even though many other countries have things made in China, they have control over them (I hope.)

This is a Chinese hack.

Posted

Lenovo has released a Superfish removal tool which also removes the SSL certificate which could be used to hijack a banking session. Download link: http://download.lenovo.com/pccbbs/thinkvantage_en/metroapps/SuperFishRemovalTool/1.0.2.0/Lenovo.SuperFishRemovalTool.exe

Virustotal reports the download link to be clean: https://www.virustotal.com/en/url/51602da22cc5cbf2eb377896a8bb9890b60c832e6d19ab105672e353b892927c/analysis/

Posted (edited)

They still make good quality products at a reasonable price & as I do a clean install on every laptop I buy, I'll still continue to patronise them. Saying that, my s930 smartphone is full of 'bloatware' that I can't uninstall. Still, what do you expect at 6" for 6000B? laugh.png

Edited by GanDoonToonPet
Posted

http://lp.ilividnewtab.com/?sysid=533&appid=104&lpid=4064&subid=u656c693d54e9d21652a883f356

Above is one such PUP generated by some malware. It's not the Superfish - but works similarly.

A dozen malware suites failed to remove it. Malwarebytes, Adw, ... Adaware, ...

i checked the browsers' settings and failed to find any extensions.

Even checked certificates and removed a few.

In the registry, I removed Rocket something but the nightmare continues.

Q: what else should I try?

Cheers,

Chris

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...