This was noticed by Lenovo users and posted on Lenovo forums. Another researcher and Lenovo user Marc Rogers has also published a detailed analysis on his blog. He states that, The adware which is called Superfish Visual Discovery software also uses MITM SSL certificates which is only possible by installing a self signed certificate from designated authority, which is Lenovo in this case. Another user, Kenny White tweeted :
— Kenn White (@kennwhite) February 19, 2015 Thus Lenovo is fraudulently using malware to intercept secure connections and collect the unencrypted data, as a poster on the Lenovo forums showed. However Lenovo tends to disagree. A Lenovo administrator took to the forum to explain what Superfish does: The Superfish VisualDiscovery features which are harmful and irksome are given below : “Superfish technology is purely based on contextual/image and not behavioral. It does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. When using Superfish for the first time, the user is presented the Terms of User and Privacy Policy, and has option not to accept these terms, i.e., Superfish is then disabled.”
Hijacks legitimate connections. Monitors user activity. Collects personal information and uploads it to it’s servers Injects advertising in legitimate pages. Displays popups with advertising software Uses man-in-the-middle attack techniques to crack open secure connections. Presents users with its own fake certificate instead of the legitimate site’s certificate.
The Lenovo admin have stated that they have temporarily removed Superfish from their customers PC’s till the issue raised in the forum and by cyber security experts is address. For the PCs already sold or being held as inventory by the stores, Lenovo said that, “As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues.” The Superfish malware issue shows that how major tech companies use their monopolies in the market to victimize users with unwanted and dangerous strategies.