Superfish is an Adware that came pre-installed with Lenovo PC’s and laptop. Recently, it was discovered that Superfish Adware got flaws inside, which can be exploited by hackers to steal information. Superfish is now considered malware, since its presence is a security threat. So if you recently bought one from Lenovo, you should check if you got this security threat.
What does superfish do
Superfish is an Adware designed to display ads. So an Adware programmer design it like a normal program. Adware is installed just like a normal program and it can be seen in the list of installed programs (Add/Remove programs or Programs and Features). An Adware is not designed to infect or create havoc inside a system. Adwares are normally considered nuisance and not considered a threat like infections like Virus, Trojans etc. Lenovo apparently installed the Adware in every PC and laptop to show the ads from their sponsors.
The problem with Superfish is that it got loopholes which can be exploited by the hackers. Superfish is said to inject a security certificate which is the same for all PC’s. Security certificates are used for browsing secure websites which starts with https. Since the security certificate is same for all computers infected by Superfish, it is easy for a hacker to get into multiple computers using Superfish.
After-effects after discovering Superfish
- Lenovo finally admitted the presence of Superfish and apologized for putting their customers at risk.But they maintain, that they never was aware of the threat that it posed to the users. Lenovo also confirmed stopping the use of Superfish, as early as Jan 2015. To make it easy for the customers to remove the malware, Lenovo has now released an Superfish Removal Tool to completely remove Superfish from a computer.
- Lenovo is also offering consumers affected by Superfish, a 6 months free subscription to McAfee LiveSafe.
- Microsoft is also doing its part in compacting the infection. They recently released update for Windows defender to root out the security certificates installed by Superfish inside the computer. It reset the SSL certificate to normal to undo the changes made by the presence of Superfish.
How to detect Superfish Malware
- Go to this link to detect superfish. Once the window is open, it immediately check the presence of security certificate installed by Superfish. The program is designed to check for presence of Superfish and PrivDog malware. After checking SSL security certificate, they will let you know in simple language if the browser is infected just like the picture below.
Remove Superfish Malware
- Go to Lenovo’s Superfish Removal Tool.
- Run the tool. Restart computer and you should be free of Superfish malware.
You can also manually remove Superfish malware
- Press Windows Key + R to open Run window. Type appwiz.cpl.
- Check if there is an entry Superfish Inc. VisualDiscovery.Uninstall it.<l/i>
How to confirm there is no more Supefish Malware
- Press Windows Key + R to open Run window
- Type certmgr.msc. This will open a window which show the certificate list inside your computer
- On the left side, expand Trusted Root Certification Authorities. click on certificates
- On the right side, check if you have Superfish , Inc. If not, you are free of Superfish malware.
If you are still suspicious of the softwares installed by Lenovo in your PC, use a software like Decrap to look for and uninstall suspicious software.