OCS banner and logo
Keeping clients' computers safe and profitable for over 25 years



Home Forms About Current Newsletter subscribe 
Search All Articles

Browse by Category


powered by pmc2m

 

Lenovo installs dangerous Malware on new Laptops


Shocking news hit February 19th regarding Lenovo installing serious malware on their new laptops from September 2014 into February 2015. At first they denied, then said it wasn't a problem, then apologized and even put up instructions for removing it. Was this just stupid, or a Chinese government mandate, or both?

The Malware and new security issue


Lenovo has installed the SuperFish browser add-on software to watch you and present advertising when you browse the Internet for many years. This was just bad, not a critical security problem until Superfish changed their methodology.

What is different since September is that they decided they needed to look inside of secure Internet connections as well as regular ones. This means they wanted to break into your secure connections, like to your bank, or Amazon account, and track that as well. To do this they had to install a phony Certificate Authority that browsers would trust. Then the malware could act as a man in the middle to spy on your communications. The private certificate is now loose on the Internet for anyone to use.

How to check if you are infected

You can check here to see if you are infected:
https://filippo.io/Badfish/

How to remove it

Removal requires 2 steps:
  1. Uninstall the Superfish Malware
  2. Delete their phony certificate authority from all your browsers and even email clients.
This only needs to be done if you check out as infected on the above link. I'll be glad to do it for you if you like.

These instructions from the Electronic Frontier Foundation are excellent for removing the infection completely.

Related articles




Date: February 2015


Creative Commons License
This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

 
 
  Please direct questions/suggestions about website to the webmaster