Lenovo Stops Using Hackable Software

Monday, February 23, 2015 @ 04:02 PM gHale

The world’s largest PC maker, China’s Lenovo Group, will no longer pre-install software that security researchers said was malicious and made devices vulnerable to hacking.

Lenovo had come under fire from researchers who said on Thursday the company pre-installed a virus-like software from a company called Superfish on consumer laptops that hijacked web connections that ended up susceptible to spying.

RELATED STORIES
Piracy Investigation: Feds Seize Assets
Apple Works to Block Malware
New Trojan for iOS
Mitigations for DDoS Toolkit Attacks

Users reported last June that a program, also called Superfish, was “adware,” or software that automatically displays adverts.

Superfish will no longer end up pre-installed and the company disabled all products in the market since January, when Lenovo also stopped pre-installing the software, said a Lenovo spokesman. Superfish was on some consumer notebooks shipped between September and December, he said.

“We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,” the spokesman said. Superfish “does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted… The relationship with Superfish is not financially significant.”

Superfish is a malicious software that hijacks and throws open encrypted connections, paving the way for hackers to commandeer connections and eavesdrop, in a man-in-the-middle attack, one researcher said.



Leave a Reply

You must be logged in to post a comment.