Lenovo is selling PCs with ‘malicious’ adware that spies on you, puts you at risk

It's being called a 'nightmare scenario.'

Patrick Howell O'Neill

Tech

Posted on Feb 19, 2015   Updated on May 29, 2021, 12:20 pm CDT

In what’s being called a “violation” of users’ rights by experts, Chinese computer manufacturer Lenovo has been caught installing money-making adware that hijacks users’ Internet sessions and potentially allows both hackers and advertisers to intercept everything you do online—including your passwords and a variety of other sensitive data.

The adware, known as Superfish, intercepts private data for advertising purposes. It comes as a standard pre-installed program on Lenovo’s computers.

At the core of concerns surrounding Lenovo’s actions, which were recently brought to light by security researcher Chris Palmer, is that Superfish installs itself as what’s known as an unrestricted root certificate authority, which can intercept and imitate encrypted traffic for every website a user visits, from banking to email to Facebook.

In other words, hackers may be able to use Superfish to imitate anything from a user’s bank to an update from Microsoft. The adware infects every browser on a machine, and Google Chrome specifically provides no warning that Superfish is activated.

Experts warn that the key on the Superfish certificate is the same on every Lenovo computer, making it trivially easy for hackers to attack and exploit any Lenovo users who want to make a secure connection on the Internet.
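As an added defender-side check (not part of the article), the following PowerShell snippet lists any trusted root certificate and any installed program whose name matches "Superfish" on a Windows machine, and prints each certificate's thumbprint so an administrator can confirm whether the same certificate is trusted across a fleet. It assumes the certificate's subject or issuer contains the string "Superfish" and relies only on the standard certificate-store and uninstall-registry locations.

```powershell
# Added example, not code from the article or from Lenovo/Superfish.
# Assumption: the adware's root certificate carries "Superfish" in its
# subject or issuer (the article names the vendor as Superfish, Inc.).

function Find-SuperfishCertificate {
    param([string]$Pattern = 'Superfish')
    # Check both the machine-wide and the per-user trusted root stores.
    $stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'
    foreach ($store in $stores) {
        Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
            Where-Object { $_.Subject -match $Pattern -or $_.Issuer -match $Pattern } |
            ForEach-Object {
                [pscustomobject]@{
                    Store      = $store
                    Subject    = $_.Subject
                    NotAfter   = $_.NotAfter
                    # An identical thumbprint on two machines means the same
                    # certificate (and the same key pair) is trusted on both.
                    Thumbprint = $_.Thumbprint
                }
            }
    }
}

function Find-SuperfishProgram {
    param([string]$Pattern = 'Superfish')
    # Standard uninstall registry locations for 64-bit and 32-bit software.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $Pattern } |
        Select-Object DisplayName, DisplayVersion, UninstallString
}

$certs = @(Find-SuperfishCertificate)
$apps  = @(Find-SuperfishProgram)
if ($certs.Count -eq 0 -and $apps.Count -eq 0) {
    Write-Output 'No Superfish certificate or program found.'
} else {
    $certs | Format-Table -AutoSize
    $apps  | Format-Table -AutoSize
}
```

A flagged certificate can be deleted from the store with Remove-Item on its Cert: path once it has been confirmed as unwanted; uninstalling the program alone does not by itself remove a root certificate from the trust store.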

Superfish, Inc. was recently called one of the fastest growing companies in America. Its adware automatically searches the Web for products similar to the ones on the sites you visit, in an effort to find cheaper prices.

Lenovo told BBC that it removed Superfish preloads from new systems in Jan. 2015 and disabled activation of the product. That proclamation came after initial user complaints began in 2014. Some users have shown that Superfish was active well into Jan. 2015, though it’s not clear exactly what date Lenovo claims the program was disabled.

Lenovo has told media outlets that it is currently conducting an investigation into concerns around Superfish.

Information security experts online have been raising the alarm and attempting to spread awareness of the issue for the past day:

https://twitter.com/dangillmor/status/568275617482825729

H/T Marc Rogers | Illustration via Max Fleishman

*First Published: Feb 19, 2015, 11:52 am CST