Superfish
Superfish is a form of adware that has the ability to hijack encrypted Web sessions and open a system up to potential HTTPS man-in-the-middle (MiTM) attacks. Superfish gained widespread attention in early 2015 when it was revealed that the PC manufacturer Lenovo was selling computers that had Superfish adware preinstalled.
Superfish Installed on Lenovo Computers Raised Security Concerns in 2015
Lenovo shipped some consumer notebook models with Superfish preinstalled between October and December 2014, but discontinued the practice after security concerns over the adware components were raised in January 2015.
Lenovo initially claimed that the Superfish adware presented no security risks, but the company changed its stance on February 20th, when it issued a security advisory and labeled the Superfish adware as a security vulnerability that carried the potential impact of launching a man-in-the-middle attack. On the same day, Lenovo released an automated tool to remove all Superfish components on its computers.
Superfish has since raised a variety of security concerns for the adware primarily revolving around the use a self-signed root certificate that could potentially enable Superfish to intercept otherwise secure communications and gain access to a user’s Web traffic, login credentials, credit card details and other sensitive information.
Superfish and Comodia Elicit Security Alert from US-CERT
Komodia’s technology has also been identified as a Trojan horse by some security vendors, with Symantec labeling the malware as “Trojan.Nurjax.” And the U.S. Computer Emergency Readiness Team (US-CERT) issued an alert on February 20th, 2015 that exposed Superfish for being a risk beyond just in Lenovo notebooks.
The US-Cert named Komodia, the firm behind creating the Superfish adware, and revealed the firm’s SSL Digestor technology as being present on other applications and carrying the same associated risks on these apps.
According to the alert, “An attacker can spoof HTTPS sites and intercept HTTPS traffic without triggering browser certificate warnings in affected systems.” The US-CERT recommends uninstalling any software with Komodia’s SSL Digestor as the only effective solution for avoiding the risks associated with Superfish.
Read Also:
- Copy Data Virtualization
Copy Data Virtualization is an approach to data management originally created by Actifio that applies the virtualization approach to data, and specifically copy data. Copy data virtualization is designed to free copy data from isolated use case-defined silos or infrastructure. Copy data, or data that has been copied and retained for either backup, archival or […]
- Governance, Risk, and Compliance (GRC)
Governance, Risk and Compliance, or GRC for short, refers to a company’s coordinated strategy for managing the broad issues of corporate governance, enterprise risk management (ERM) and corporate compliance with regard to regulatory requirements. Specifically, the three pillars of GRC are: Governance – The effective, ethical management of a company by its executives and managerial […]
- Copy Data
Copy data refers to data in an organization that has been copied and retained for backup, archival and/or Governance, Risk and Compliance (GRC) preservation purposes. Copy data stands in contrast to production data, which is the data consumed, manipulated and/or managed in the daily operations of a business and its applications. Data storage repositories for […]
- CoreOS
Rocket is a containerization model developed by CoreOS that serves as an alternative to Docker. As with Docker, CoreOS Rocket automates the deployment of applications as portable, self-sufficient containers that can run virtually anywhere on any type of server. But while Docker has started to evolve into a complex platform that serves a variety of […]
- Apache Spark
Apache Spark is an open-source engine developed specifically for handling large-scale data processing and analytics. Spark offers the ability to access data in a variety of sources, including Hadoop Distributed File System (HDFS), OpenStack Swift, Amazon S3 and Cassandra. Apache Spark is designed to accelerate analytics on Hadoop while providing a complete suite of complementary […]