How Lenovo's Superfish Works and How to Stop it

March 03, 2016


Lenovo would disagree, but SuperFish has been described as malware or an adware pusher and you should understand what it really does and how to stop it. First of all, SuperFish came pre-installed on Lenovo consumer laptops between September and December last year. If you’re not using a Lenovo computer, then you are pretty much safe from this malware.

What SuperFish does and the danger it poses

From what Lenovo tells us, SuperFish helps users to find and discover products visually. The technology instantly analyzes images in websites and presents identical and similar product offers that may have lower prices. It helps someone to search for images without knowing exactly what the item is called or how to describe it in a typical text-based search engine. Additionally, SuperFish uses context and images. It doesn’t rely on behavior and therefore it doesn’t monitor nor profile its users.

Lenovo, along with SuperFish, also claims a self-signed certificate as a trusted party that freely allows it to generate an encryption certificate for sites like Facebook and Google. This enables it to see a user’s traffic and change it in any way it wants it. This trust can be easily abused to spy on its users, but Lenovo claims it does not.

The threat with this malware occurs if a hacker gets hold of SuperFish’s encryption method and uses it to intercept someone’s traffic. Anyone who can extract the private key that SuperFish uses to sign its certificate could use it to spy on people using Lenovo laptops in the same network.

Fortunately, Lenovo has disabled SuperFish and no longer includes it as pre-installed software in new Lenovo computers. If you’re using a Lenovo computer, it’s best to check if you’re infected with this malware. Simply locate Window’s list of trusted certificates by going to the Control Panel and search for “certificates.” Click on the “Trusted Root Certification Authorities” option and then “certificates.” If you see SuperFish in the list then you are highly likely to be vulnerable to its attacks. Uninstalling SuperFish doesn’t solve the problem. To remove it completely, you must re-install the Windows operating system.

I hope this article helped you in some way. For a more detailed explanation, click here.