Superfish: What is this snooping adware and how to get rid of it

In an effort to increase ad revenue, Lenovo preloaded its computers with Superfish, an adware that creates its own security certificates without user's knowledge.

Jeff Chiu/AP/File
An Acer Aspire laptop, left, and a Lenovo IdeaPad U310 Touch are displayed at a demo table at a Microsoft event in San Francisco, Calif. in June 2013.

Some computers come preloaded with perks such as photo or word-processing programs. However, if you're a Lenovo customer, there may be a preloaded program on your computer that isn't an added bonus: ad software that can spy on your private transactions.

Lenovo preloaded an adware program, nicknamed Superfish, onto computers that had the ability to view messages on secure platforms by creating its own security certificates, and insert third-party ads without the owner’s permission.

When the issue came to light on user forums last fall, there was significant outrage and Lenovo has since stopped preloading this software. But two questions remain – what data could the company see, and what should you do if you have a Lenovo PC with Superfish?

The adware was originally designed to advertise cheaper prices on products that users want to purchase by scanning and searching websites the user browses. However, the method in which it does this has come under intense scrutiny.

Lenovo allowed Superfish to create its own SSL certificates when a secure website requested one. Ordinarily, an SSL certificate assures the website (any site from Amazon to online banking) that the connection is secure. However, since Superfish was creating the certificate itself, it was essentially gleaning data through a technique known in the malware world as “man in the middle.” Superfish could see any information passed between the user and the secure site, without the user’s permission. Essentially, Superfish was able to read data and create ads on sites that were supposed to be secure and private.

On Thursday, a security expert posted an example of this on Twitter: a screen shot of Superfish issuing a security certificate to Bank of America. Several security researchers also pointed out that this makes Lenovo vulnerable to hackers who could co-opt the security certificates.

Lenovo has stopped preloading computers with Superfish, and maintains the software did not present any security concerns.

That being said, the adware was loaded onto select Lenovo computers over the past two years. Do you have a Lenovo computer that fits the criteria? Check if you have Superfish here.

If you are affected, you may have to do some serious scrubbing of your browsers and operating system. Security expert Troy Hunt tells Forbes that installing a “clean version” of Windows may be the only way to ensure that Superfish isn’t still following your online tracks. Researchers have found that uninstalling the software doesn’t clean up the security certificate problem.

Though Lenovo is sticking to its story that Superfish wasn’t harmful, it doesn’t bode well for the image of the Chinese tech brand. It also brings up a question that more computers and software companies grapple with: is the advertising revenue worth potentially compromising customer security? 

of stories this month > Get unlimited stories
You've read  of  free articles. Subscribe to continue.

Unlimited digital access $11/month.

Get unlimited Monitor journalism.