Malware comes preinstalled in some Lenovo products, Mashable reports. The adware, called Superfish, breaks secure website connections; it leads to irritating ads and puts sensitive user information vulnerable to security threats. In January, Lenovo confessed that some products are preinstalled with Superfish for advertising purposes. “Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices,” a forum administrator said.
“Superfish is essentially cracking open secure connections and using its own fake certification to trick HTTPS connections, including Google, Facebook and any number of other sites that use the now-common security measure. That means that if the private key certificate is compromised, all Lenovo machines with Superfish installed could be at risk.” according to Mashable
Superfish tries to scout for ads by breaking HTTPS, which is meant to provide a secure connection. User data on connections that would not normally be visible are seen by Superfish. Experts say that Superfish interrupts encrypted connections in a manner that leaves users vulnerable to security threats; hackers are more likely to steal sensitive data, such as banking information. The malware does this through a “man-in-the-middle” strategy in which it installs its own root certificate on Windows systems. This makes it look as if the program is allowed to be there. For example, when a user logs onto a banking site, there is typically a lock icon showing that the connection is secure and private. However, Superfish is able to view this data.