Tuts 4 You

Lenovo and the Superfish fiasco...


Teddy Rogers


I didn't understand it.


I uninstalled the software from the Add/Remove Programs feature. Then I saw some article and I removed the Superfish certificate. What has happened or could happen?


 


Thanks. PS: I'm so confused, also I'm running MalwareBytes and Windows Firewall.


Edited by NeWOT

I didn't understand it.

I uninstalled the software from the Add/Remove Programs feature. Then I saw some article and I removed the Superfish certificate. What has happened or could happen?

 

Thanks. PS: I'm so confused, also I'm running MalwareBytes and Windows Firewall.

MalwareBytes and Windows Firewall won't help you at all if the root certificate is still installed.


MalwareBytes and Windows Firewall won't help you at all if the root certificate is still installed.

But what happens or what could happen if I had it in my certificates?

On the Lenovo install it was something to accept T.O.S about their government something...


In short someone could copy Komodia's security certificate very easily and instigate a MITM attack and you wouldn't even know there was a problem. Your "secure" connections to banks, merchant websites, etc. would be open for them to snoop on the contents of the traffic as if it had been sent in plain text. The big problem about this is that it is very easy to do.


 


I would recommend you ensure your machine is cleaned before connecting to unknown networks such as internet cafes, open Wi-Fi connections, etc.


 


Apparently Windows Defender is now reporting this as a threat, that should tell you how bad it is!


 


Try this online test... https://filippo.io/Badfish/


 


Ted.


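A way to check for the condition discussed in the posts above (a Superfish certificate still trusted by Windows after the software was uninstalled), as an added example that is not part of the original thread. It assumes the certificate can be recognised by the name "Superfish" in its Subject or Issuer; the `$NamePatterns` parameter is a hypothetical name chosen here.

```powershell
# Added example: audit the Windows certificate stores for a leftover Superfish certificate.
# Assumption: the certificate carries the name "Superfish" in its Subject or Issuer.
param(
    [string[]]$NamePatterns = @('Superfish')
)

# Stores where a trusted root (or a copy of it) can live, per machine and per user.
$stores = @(
    'Cert:\LocalMachine\Root',
    'Cert:\LocalMachine\AuthRoot',
    'Cert:\LocalMachine\CA',
    'Cert:\CurrentUser\Root',
    'Cert:\CurrentUser\AuthRoot',
    'Cert:\CurrentUser\CA'
)

$findings = foreach ($store in $stores) {
    if (-not (Test-Path -Path $store)) { continue }
    foreach ($cert in Get-ChildItem -Path $store) {
        foreach ($pattern in $NamePatterns) {
            if ($cert.Subject -like "*$pattern*" -or $cert.Issuer -like "*$pattern*") {
                # Report enough detail to identify the entry in certmgr.msc / certlm.msc.
                [pscustomobject]@{
                    Store         = $store
                    Subject       = $cert.Subject
                    Thumbprint    = $cert.Thumbprint
                    NotAfter      = $cert.NotAfter
                    HasPrivateKey = $cert.HasPrivateKey
                }
                break   # one match per certificate is enough
            }
        }
    }
}

if ($findings) {
    Write-Warning "Matching certificate(s) still present in the Windows certificate stores:"
    $findings | Format-List
    exit 1
}
Write-Output "No matching certificate found in the Windows certificate stores."
Write-Output "Browsers with their own trust store (for example Firefox) must be checked separately."
```

Run it from an elevated PowerShell prompt so the machine-wide stores are fully readable; a non-zero exit code means a match was found.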

You can read more about exploiting it here...


 



As discussed in my previous blogpost, it took about 3 hours to reverse engineer the Lenovo/Superfish certificate and crack the password. In this blog post, I described how I used that certificate in order to pwn victims using a rogue WiFi hotspot. This took me also about three hours.



 


http://blog.erratasec.com/2015/02/exploiting-superfish-certificate.html


 


Ted.

