Superfish is pre-installed Lenovo adware (thanks Lenovo!), which is meant to place advertisements in your web browser. The problem is that the software also intercepts encrypted traffic, which opens up your computer to man-in-the-middle attacks.
Superfish intercepts HTTPS connections. Security researcher, Chris Palmer, found that when he visited Bank of America’s web site on a computer with Superfish installed, the bank’s certificate was signed by Superfish rather than VeriSign.
This means attackers could use the certificate to create fake HTTPS web sites that grab your passwords, or even create viruses that are “signed” to look legitimate.
Superfish Features:
- Hijacks legitimate connections.
- Monitors user activity.
- Collects personal information and uploads it to it’s servers
- Injects advertising in legitimate pages.
- Displays popups with advertising software
- Uses man-in-the-middle attack techniques to crack open secure connections.
- Presents users with its own fake certificate instead of the legitimate site’s certificate.
Filippo, the gentleman who warned most of the world about Heartbleed, has a test on his website that can be found here.