Home Cybersecurity Superfish Man-In-The-Middle Attacks Initiated On 44,000 Systems Using Firefox

Superfish Man-In-The-Middle Attacks Initiated On 44,000 Systems Using Firefox

Posted: February 21, 2015

superfish issues and attacks firefoxThe malicious program known as Superfish, a web browser add-on bundled with numerous Lenovo laptop computers from September 2014 to December 2014, has caused a major uproar lately as those affected systems are vulnerable to attacks. Recently, it was discovered that Lenovo laptops that had Superfish pre-loaded on them are now allowing Firefox to serve as a proxy between the user and HTTPS websites rooting in man-in-the-middle (MitM) attack. Such attacks are now being initiated on up to 44,000 systems using Firefox.

The root certificate for Windows is an entity that web browsers rely on for trusting certain websites and their security connectivity. With Firefox being the primary web browser that is being affected by Superfish, those using the Mozilla Firefox browser are risking their security connection being broken allowing remote attackers access to information transmitted over the Internet.

Superfish may have once been thought as a useful add-on for bundling on new Lenovo laptop computers and have found their way on many in error by the Lenovo company. Since that time, the laptops or any other computers with the Superfish software may experience an issue within Firefox and its security certificates being signed with an RSA key that could be recovered by someone to launch a MitM attack. Such an attack could be initiated through a public Wi-Fi hotspot or other compromised Internet gateways.

The RSA key encrypting the Superfish root certificate was already cracked on February 19, 2015. With Mozilla implanting its own certificate store users thought that Firefox users wouldn't be affected by Superfish's MitM activity. That thought, has now been debunked as upwards of 44,000 Firefox users are susceptible to this threat. If taken advantage of, the threat could leave their personal data transmitted over the Internet up for grabs in the event of a successful MitM attack on their system.

The use of SSL features and certificates is something that a number of computer users ensure are in place for the purpose of encrypting sensitive data that is transmitted over the Internet.

With Superfish in the wild and up to 44,000 Firefox users now vulnerable to such attacks, it is in everyone's best interest to remove Superfish and any associated certificates that it may have loaded into web browser applications.

For computer users who are not savvy and up to the task of viewing and verifying security certificates, it is still prudent to take proper action to remove Superfish.

Loading...