Lenovo's virus-like software makes laptops prone to hacking: Experts | HT Tech

Lenovo's virus-like software makes laptops prone to hacking: Experts

China's Lenovo Group Ltd, the world's largest PC maker, had pre-installed a virus-like software on laptops that makes the devices more vulnerable to hacking, cybersecurity experts said on Thursday.

By:REUTERS
| Updated on: Feb 19 2015, 22:06 IST
image caption
A-logo-of-Chinese-computer-giant-Lenovo-is-displayed-in-Hong-Kong-AFP-photo

China's Lenovo Group Ltd, the world's largest PC maker, had pre-installed a virus-like software on laptops that makes the devices more vulnerable to hacking, cybersecurity experts said on Thursday.

Users reported as early as last June that a programme called Superfish pre-installed by Lenovo on consumer laptops was 'adware', or software that automatically displays adverts.

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Robert Graham, CEO of US-based security research firm Errata Security, said Superfish was malicious software that hijacks and throws open encrypted connections, paving the way for hackers to also commandeer these connections and eavesdrop, in what is known as a man-in-the-middle attack. Lenovo had installed Superfish on consumer computers running Microsoft Corp's Windows, he added.

Also read
Looking for a smartphone? To check mobile finder click here.

'This hurts (Lenovo's) reputation,' Graham told Reuters. 'It demonstrates the deep flaw that the company neither knows nor cares what it bundles on their laptops.'

An administrator on Lenovo's official web forum said on January 23 that Superfish has been temporarily removed from consumer computers.

Lenovo executives were not immediately available for comment during the Lunar New Year holiday in China.

Graham and other experts said Lenovo was negligent, and that computers could still be vulnerable even after uninstalling Superfish.

The software throws open encryptions by giving itself authority to take over connections and declare them as trusted and secure, even when they are not.

'The way the Superfish functionality appears to work means that they must be intercepting traffic in order to insert the ads,' said Eric Rand, a researcher at Brown Hat Security. 'This amounts to a wiretap.'

Concerns about cybersecurity have dogged Chinese firms, including telecoms equipment maker Huawei Technologies Ltd over ties to China's government and smartphone maker Xiaomi Inc over data privacy. Lenovo commanded one-fifth of the global PC market in the third quarter of 2014, according to data research firm IDC.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 19 Feb, 20:49 IST
NEXT ARTICLE BEGINS
Not sure which Mobile to buy? Need help?