News

Watch out for Three Major Security Threats From the Superfish Malware

2015-03-16

Recently, the "Superfish" malware incident has caught the attention of the media. This uninvited malware has been found preinstalled on many computers, and can hijack users' browser data and tamper with search results without permission from users. Superfish can also use a middleman method to hijack SSL links (a common Internet security encryption method) and install digital certificates with the highest permissions. This means that the encrypted information passed between users and websites can be tampered with, and hackers can use this vulnerability to carry out phishing attacks on users. People with Superfish installed on their computers face potential risks from personal information disclosure, phishing attacks, and other serious threats, according to the Baidu Antivirus Security Center team.


According to the Baidu Antivirus security experts, people whose computers are infected with the Superfish malware face three major security threats:


Threat 1: Superfish’s pre-installation method makes it hard for users to notice the malware.


The Superfish malware commonly comes pre-installed on computers by the OEM before it leaves the factory, so it is hard for users to even be aware of its existence in the first place. The OEM's lack of knowledge concerning the security of the pre-installed software has allowed some malware to be hidden in users' computers in this way. Because of this sneaky pre-install method of delivery, Superfish becomes a ticking time bomb that could strike at any time.


Threat 2: Superfish may lead to leaks of private user information.

   

The Superfish malware can intercept all webpage data requests sent by the user. User access records (e.g. accounts, etc.) can be recorded and saved to a specified server. This is a threat to users' personal, private information and bank account information.


Threat 3: Users may suffer network phishing attacks from Superfish.


Hackers can use the Superfish malware security vulnerability to redirect users from their usual web-banking site (for example, XXXbank.com) to a malicious site (i.e. phishingXXXbank.com) that steals credit card and bank card info. In this way, your online banking information can be intercepted by cybercriminals, ultimately resulting in money being stolen directly out of your accounts.


According to Baidu Antivirus security experts, Baidu Antivirus can now help users to check if their computer has Superfish installed, and completely remove it to protect their private data. At the same time, the Baidu Antivirus Security Center will continue to follow the development of this malicious malware in order to provide users with up-to-date, effective security protection.

(Detection of Superfish by Baidu Antivirus System Repair)