thai tech Posted February 19, 2015 Share Posted February 19, 2015 Lenovo found guilty of shipping new PCs with Superfish adwareLenovo has been under fire today after it was discovered that it has been shipping new PCs with pre-installed adware called Superfish.Have you recently bought a Lenovo computer? You ought to check if it has any adware on it, as it seems that the Chinese computer company has been shipping all new models with the Superfish adware program.Users on official Lenovo forums recently noticed that search results (e.g. in Google) were being injected with sponsored links (which is pretty much what happens when a machine becomes infected with adware or spyware), going as far back as September 2015, and some users even report that websites such as JetBlue wouldn’t be displayed properly at all.Read more: http://tech.thaivisa.com/lenovo-pcs-superfish-adware/5047/ Link to comment Share on other sites More sharing options...
IMHO Posted February 19, 2015 Share Posted February 19, 2015 I wonder if this Superfish software will give you some alternate suggestions to Lenovo the next time you search for a new laptop? 1 Link to comment Share on other sites More sharing options...
Popular Post RichCor Posted February 19, 2015 Popular Post Share Posted February 19, 2015 [...] that search results (e.g. in Google) were being injected with sponsored links (which is pretty much what happens when a machine becomes infected with adware or spyware), going as far back as September 2015 ...Pretty much what also happens when the editor doesn't have it's clock set correctly. 3 Link to comment Share on other sites More sharing options...
Xircal Posted February 19, 2015 Share Posted February 19, 2015 According to the Dutch Press, it's a little more serious than just adware. The SSL certificate can be hijacked and used to redirect users to a malware site. A security researcher by the name of Erik Loman demonstrated that fact on his Twitter account because at the time, it was thought that only Google Chrome and Internet Explorer were vulnerable, but not Firefox. As can be seen from his tweet, the Dutch bank site ING.nl shows Superfish as the Certificate Authority instead of Symantec: https://twitter.com/erikloman/status/568421667330002944 If the adware is installed on your laptop, you should be able to see it in Windows Task Manager in the Processes list. It's called visualdiscovery.exe More details here: http://systemexplorer.net/file-database/file/visualdiscovery-exe I woud expect that Mozilla will blacklist the Superfish certificate sometime within the next 24 hours. They're usually pretty quick at safeguarding users as soon as they become aware of a vulnerability, unlike Microsoft who probably won't address the issue until the next Patch Tuesday. Link to comment Share on other sites More sharing options...
nikster Posted February 20, 2015 Share Posted February 20, 2015 Basically shitty, scammy software which also leaves your computer wide open to attacks. It's a disgrace that Lenovo initially responded by saying they'd "fix" that POS software. They later changed to say it would be removed and disabled. It is baffling how this ever got released though - does not bode well for the company. Either they're clueless, or .... I mean one has to wonder how this ever got on there, who thought it was a good idea. Would definitely avoid Lenovo if shopping for a PC. Link to comment Share on other sites More sharing options...
siam2007 Posted February 20, 2015 Share Posted February 20, 2015 How come I am not surprised at all....... but for sure they have scored one giant own goal as this affair will cost them Tens of Millions of lost revenue because many customers will simply SHUN all Lenovo products from now on (including myself). Sell the Lenovo shares as quickly as you can (they went up more than 60% during thew past twelve months so this is a great time to secure the gains anyway ^^ ) Link to comment Share on other sites More sharing options...
RichCor Posted February 20, 2015 Share Posted February 20, 2015 Latest: Lenovo admits to Superfish screw-up, will release clean-up tool Lucian Constantin (PCWORLD) Feb 19, 2015 4:10 PM Lenovo Apologizes After It ‘Messed Up’ With Tracking Software by Jordan Robertson (BlumbergBusiness) February 20, 2015 5:03 AM DAVT The Threats of Lenovo's SuperfIsh Malware and How to Fix It By Ryan Egan (TechSmash) February 19, 2015 Link to comment Share on other sites More sharing options...
JohnnyJazz Posted February 20, 2015 Share Posted February 20, 2015 It would be fair to publish Lenovo statement regarding this problem, to be found here : http://news.lenovo.com/article_display.cfm?article_id=1929 Link to comment Share on other sites More sharing options...
Crossy Posted February 20, 2015 Share Posted February 20, 2015 PC shopping list:- Lenovo But which other companies are playing the same game? Link to comment Share on other sites More sharing options...
koo wallety tourist Posted February 20, 2015 Share Posted February 20, 2015 (edited) looks like it successfully injected into thaivisa too. good work to those who spotted it, a real feat indeed Edited February 20, 2015 by koo wallety tourist Link to comment Share on other sites More sharing options...
IMHO Posted February 20, 2015 Share Posted February 20, 2015 (edited) It would be fair to publish Lenovo statement regarding this problem, to be found here : http://news.lenovo.com/article_display.cfm?article_id=1929 I stopped reading at the very first lie: In our effort to enhance our user experience Riiigght. Installing this crapware was all about enhancing user experience, the fat payments they received from Superfish in return were nothing to do with it. Edited February 20, 2015 by IMHO Link to comment Share on other sites More sharing options...
IMHO Posted February 20, 2015 Share Posted February 20, 2015 PC shopping list:- Lenovo But which other companies are playing the same game? I don't think I've ever bought a Windows machine with pre-loaded OS that didn't have at least one form of crapware on it. Back in the old days, at least it was just a trialware/crippleware version of McAfee or Norton, and maybe a trialware version of Office, and they were both visible and easy to remove... I switched our whole enterprise to Apple workstations around 4 years ago. Things like this are now a distant memory - now all we need to do is remove the non-crippled, but yet still crap, standard Apple apps like Numbers, Keynote, Pages etc. Link to comment Share on other sites More sharing options...
Maestro Posted February 20, 2015 Share Posted February 20, 2015 19 February 2015 Last updated at 12:30 GMT Lenovo taken to task over 'malicious' adware By Jane Wakefield Technology reporter Computer maker Lenovo has been forced to remove hidden adware that it was shipping on its laptops and PCs after users expressed anger. The adware - dubbed Superfish - was potentially compromising their security, said experts. The hidden software was also injecting adverts on to browsers using techniques more akin to malware, they added. Read more: http://www.bbc.com/news/technology-31533028 -- BBC 2015-02-19 Link to comment Share on other sites More sharing options...
Maestro Posted February 20, 2015 Share Posted February 20, 2015 According to the BBC article, Lenovo's malware pops up adverts that the user never asked for. This is a horrible thing for Lenovo to do. 1 Link to comment Share on other sites More sharing options...
Crossy Posted February 20, 2015 Share Posted February 20, 2015 This has the potential to seriously damage Lenovo's credibility. Even if their 'pro' equipment didn't ship with malware, risk-averse corporate clients will be dumping the brand like hot potatoes unwilling to take the risk with a brand that has been demonstrated as a security risk. Foolish beyond compare. 1 Link to comment Share on other sites More sharing options...
phazey Posted February 20, 2015 Share Posted February 20, 2015 This has the potential to seriously damage Lenovo's credibility. Even if their 'pro' equipment didn't ship with malware, risk-averse corporate clients will be dumping the brand like hot potatoes unwilling to take the risk with a brand that has been demonstrated as a security risk. Foolish beyond compare. Whilst true, most corporates who are serious about security will have their own "hardened" operating systems to install, and the first thing they'll do is wipe factory installed software. 1 Link to comment Share on other sites More sharing options...
bendejo Posted February 20, 2015 Share Posted February 20, 2015 Let's see how the 'free market' responds to this news. I can see the new ads already. Lenovo We no longer spy on you, honestly! Prediction: Lenovo will have to change its name. Could be some deep discounts in a few months; bring it home, and the first order of business will be to scrub the disk. Link to comment Share on other sites More sharing options...
NeverSure Posted February 21, 2015 Share Posted February 21, 2015 Lenovo is a Chinese company that bought the IBM line of computers some time back. They also recently bought the Motorola brand of smartphones. I wouldn't buy a danged thing from them. Even though many other countries have things made in China, they have control over them (I hope.) This is a Chinese hack. Link to comment Share on other sites More sharing options...
DaveBKK Posted February 21, 2015 Share Posted February 21, 2015 This is a Chinese hack. Actually Superfish is a Silicon Valley company with what seems quite a bit of Israeli VC money and management. 1 Link to comment Share on other sites More sharing options...
canuckamuck Posted February 21, 2015 Share Posted February 21, 2015 Nothing worse than ads all over the place 1 Link to comment Share on other sites More sharing options...
Xircal Posted February 21, 2015 Share Posted February 21, 2015 Lenovo has released a Superfish removal tool which also removes the SSL certificate which could be used to hijack a banking session. Download link: http://download.lenovo.com/pccbbs/thinkvantage_en/metroapps/SuperFishRemovalTool/1.0.2.0/Lenovo.SuperFishRemovalTool.exe Virustotal reports the download link to be clean: https://www.virustotal.com/en/url/51602da22cc5cbf2eb377896a8bb9890b60c832e6d19ab105672e353b892927c/analysis/ Link to comment Share on other sites More sharing options...
GanDoonToonPet Posted February 21, 2015 Share Posted February 21, 2015 (edited) They still make good quality products at a reasonable price & as I do a clean install on every laptop I buy, I'll still continue to patronise them. Saying that, my s930 smartphone is full of 'bloatware' that I can't uninstall. Still, what do you expect at 6" for 6000B? Edited February 21, 2015 by GanDoonToonPet Link to comment Share on other sites More sharing options...
Kf6vci Posted February 23, 2015 Share Posted February 23, 2015 http://lp.ilividnewtab.com/?sysid=533&appid=104&lpid=4064&subid=u656c693d54e9d21652a883f356 Above is one such PUP generated by some malware. It's not the Superfish - but works similarly. A dozen malware suites failed to remove it. Malwarebytes, Adw, ... Adaware, ... i checked the browsers' settings and failed to find any extensions. Even checked certificates and removed a few. In the registry, I removed Rocket something but the nightmare continues. Q: what else should I try? Cheers, Chris Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now