Your IT Consultant

Lenovo Computers Ship with “Bonus” Software

February 26, 2015

The last several days have been filled with reports of Lenovo shipping malware infected computers capable of intercepting and decrypting HTTPS communications. The malware is called Superfish and it hijacks SSL connections using a man-in-the-middle attack. But it’s not just Lenovo computers that are at risk. Superfish is made by a company called Komodia. The same technology used in Superfish is available in other software applications that Komodia distributes.

• CartCrunch Israel LTD
• WiredTools LTD
• Say Media Group LTD
• Over the Rainbow Tech
• System Alerts
• ArcadeGiant
• Objectify Media Inc
• Catalytix Web Services
• OptimizerMonitor

I think the bigger concern is the actual Lenovo computers and not the applications listed above. Here’s a list of the Lenovo models that may be impacted.

E-Series:
E10-30

Flex-Series:
Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10

G-Series:
G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-50, G50-45, G50-70, G50-80, G50-80Touch

Lenovo Edge 15

Miix-Series:
Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 – 1030

S-Series:
S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70

U-Series:
U330P, U430P, U330 Touch, U430 Touch, U540 Touch

Y-Series:
Y430P, Y40-70, Y40-80, Y50-70, Y70-70

Yoga-Series:
Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro

Z-Series:
Z40-70, Z40-75, Z50-70, Z50-75, Z70-80

I’m glad to see that our models didn’t make the list. No matter, we still scanned the machines just to make sure. How do you know if your Lenovo machine has Superfish installed? Ars technica has a post to help you deal with the Superfish installation. You can also use Windows Defender and McAfee to remove the malware.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com