Jump to content
All visa questions and fresh Immigration updates here ×

Lenovo found guilty of shipping new PCs with Superfish adware

thai tech

By thai tech
in IT and Computers

 Share

Recommended Posts

thai tech Silver Member

thai tech

Posted
Posted

Lenovo found guilty of shipping new PCs with Superfish adware

Lenovo has been under fire today after it was discovered that it has been shipping new PCs with pre-installed adware called Superfish.

Have you recently bought a Lenovo computer? You ought to check if it has any adware on it, as it seems that the Chinese computer company has been shipping all new models with the Superfish adware program.

Users on official Lenovo forums recently noticed that search results (e.g. in Google) were being injected with sponsored links (which is pretty much what happens when a machine becomes infected with adware or spyware), going as far back as September 2015, and some users even report that websites such as JetBlue wouldn’t be displayed properly at all.

Read more: http://tech.thaivisa.com/lenovo-pcs-superfish-adware/5047/

Link to comment
Share on other sites
  • Popular Post
RichCor Platinum Member

RichCor

Posted
  • Popular Post
Posted

[...] that search results (e.g. in Google) were being injected with sponsored links (which is pretty much what happens when a machine becomes infected with adware or spyware), going as far back as September 2015

...Pretty much what also happens when the editor doesn't have it's clock set correctly. ermm.gif

  • Like 3
Link to comment
Share on other sites
Xircal Silver Member

Xircal

Posted
Posted

According to the Dutch Press, it's a little more serious than just adware. The SSL certificate can be hijacked and used to redirect users to a malware site.

A security researcher by the name of Erik Loman demonstrated that fact on his Twitter account because at the time, it was thought that only Google Chrome and Internet Explorer were vulnerable, but not Firefox. As can be seen from his tweet, the Dutch bank site ING.nl shows Superfish as the Certificate Authority instead of Symantec: https://twitter.com/erikloman/status/568421667330002944

If the adware is installed on your laptop, you should be able to see it in Windows Task Manager in the Processes list. It's called visualdiscovery.exe

More details here: http://systemexplorer.net/file-database/file/visualdiscovery-exe

I woud expect that Mozilla will blacklist the Superfish certificate sometime within the next 24 hours. They're usually pretty quick at safeguarding users as soon as they become aware of a vulnerability, unlike Microsoft who probably won't address the issue until the next Patch Tuesday.

Link to comment
Share on other sites
nikster Diamond Member

nikster

Posted
Posted

Basically shitty, scammy software which also leaves your computer wide open to attacks.

It's a disgrace that Lenovo initially responded by saying they'd "fix" that POS software. They later changed to say it would be removed and disabled. It is baffling how this ever got released though - does not bode well for the company. Either they're clueless, or .... I mean one has to wonder how this ever got on there, who thought it was a good idea.

Would definitely avoid Lenovo if shopping for a PC.

Link to comment
Share on other sites
siam2007 Gold Member

siam2007

Posted
Posted

How come I am not surprised at all....... but for sure they have scored one giant own goal as this affair will cost them Tens of Millions of lost revenue because many customers will simply SHUN all Lenovo products from now on (including myself).

Sell the Lenovo shares as quickly as you can (they went up more than 60% during thew past twelve months so this is a great time to secure the gains anyway ^^ )

Link to comment
Share on other sites
RichCor Platinum Member

RichCor

Posted
Posted

Latest:

Lenovo admits to Superfish screw-up, will release clean-up tool

Lucian Constantin (PCWORLD) Feb 19, 2015 4:10 PM
by Jordan Robertson (BlumbergBusiness) February 20, 2015 5:03 AM DAVT
By Ryan Egan (TechSmash) February 19, 2015
Link to comment
Share on other sites
IMHO Platinum Member

IMHO

Posted
Posted (edited)

It would be fair to publish Lenovo statement regarding this problem, to be found here :

http://news.lenovo.com/article_display.cfm?article_id=1929

I stopped reading at the very first lie:

In our effort to enhance our user experience

Riiigght. Installing this crapware was all about enhancing user experience, the fat payments they received from Superfish in return were nothing to do with it.

Edited by IMHO
Link to comment
Share on other sites
IMHO Platinum Member

IMHO

Posted
Posted

PC shopping list:-

Lenovo

But which other companies are playing the same game?

I don't think I've ever bought a Windows machine with pre-loaded OS that didn't have at least one form of crapware on it. Back in the old days, at least it was just a trialware/crippleware version of McAfee or Norton, and maybe a trialware version of Office, and they were both visible and easy to remove...

I switched our whole enterprise to Apple workstations around 4 years ago. Things like this are now a distant memory - now all we need to do is remove the non-crippled, but yet still crap, standard Apple apps like Numbers, Keynote, Pages etc.

Link to comment
Share on other sites
Maestro Star Member

Maestro

Posted
Posted

19 February 2015 Last updated at 12:30 GMT

Lenovo taken to task over 'malicious' adware
By Jane Wakefield
Technology reporter
Computer maker Lenovo has been forced to remove hidden adware that it was shipping on its laptops and PCs after users expressed anger.
The adware - dubbed Superfish - was potentially compromising their security, said experts.
The hidden software was also injecting adverts on to browsers using techniques more akin to malware, they added.
bbclogo.jpg
-- BBC 2015-02-19
Link to comment
Share on other sites
Crossy Star Member

Crossy

Posted
Posted

This has the potential to seriously damage Lenovo's credibility.

Even if their 'pro' equipment didn't ship with malware, risk-averse corporate clients will be dumping the brand like hot potatoes unwilling to take the risk with a brand that has been demonstrated as a security risk.

Foolish beyond compare.

  • Like 1
Link to comment
Share on other sites
phazey Gold Member

phazey

Posted
Posted

This has the potential to seriously damage Lenovo's credibility.

Even if their 'pro' equipment didn't ship with malware, risk-averse corporate clients will be dumping the brand like hot potatoes unwilling to take the risk with a brand that has been demonstrated as a security risk.

Foolish beyond compare.

Whilst true, most corporates who are serious about security will have their own "hardened" operating systems to install, and the first thing they'll do is wipe factory installed software.

  • Like 1
Link to comment
Share on other sites
bendejo Ruby Member

bendejo

Posted
Posted

Let's see how the 'free market' responds to this news. I can see the new ads already.

Lenovo

We no longer spy on you, honestly!

Prediction: Lenovo will have to change its name.

Could be some deep discounts in a few months; bring it home, and the first order of business will be to scrub the disk.

Link to comment
Share on other sites
NeverSure Star Member

NeverSure

Posted
Posted

Lenovo is a Chinese company that bought the IBM line of computers some time back. They also recently bought the Motorola brand of smartphones.

I wouldn't buy a danged thing from them.

Even though many other countries have things made in China, they have control over them (I hope.)

This is a Chinese hack.

Link to comment
Share on other sites
Xircal Silver Member

Xircal

Posted
Posted

Lenovo has released a Superfish removal tool which also removes the SSL certificate which could be used to hijack a banking session. Download link: http://download.lenovo.com/pccbbs/thinkvantage_en/metroapps/SuperFishRemovalTool/1.0.2.0/Lenovo.SuperFishRemovalTool.exe

Virustotal reports the download link to be clean: https://www.virustotal.com/en/url/51602da22cc5cbf2eb377896a8bb9890b60c832e6d19ab105672e353b892927c/analysis/

Link to comment
Share on other sites
GanDoonToonPet Senior Member

GanDoonToonPet

Posted
Posted (edited)

They still make good quality products at a reasonable price & as I do a clean install on every laptop I buy, I'll still continue to patronise them. Saying that, my s930 smartphone is full of 'bloatware' that I can't uninstall. Still, what do you expect at 6" for 6000B? laugh.png

Edited by GanDoonToonPet
Link to comment
Share on other sites
Kf6vci Gold Member

Kf6vci

Posted
Posted

http://lp.ilividnewtab.com/?sysid=533&appid=104&lpid=4064&subid=u656c693d54e9d21652a883f356

Above is one such PUP generated by some malware. It's not the Superfish - but works similarly.

A dozen malware suites failed to remove it. Malwarebytes, Adw, ... Adaware, ...

i checked the browsers' settings and failed to find any extensions.

Even checked certificates and removed a few.

In the registry, I removed Rocket something but the nightmare continues.

Q: what else should I try?

Cheers,

Chris

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...