Superfish Visual Discovery
Posted: February 23, 2015
Threat Metric
The fields listed on the Threat Meter, each of which contains a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 16 |
| First Seen: | February 23, 2015 |
| Last Seen: | July 28, 2020 |
| OS(es) Affected: | Windows |
Superfish VisualDiscovery is an adware program that modifies the Web pages your browser displays to include new advertisement content, but it also may introduce not-insignificant vulnerabilities related to its use of certificates and SSL communications. Like other adware products noted to share these security flaws, Superfish VisualDiscovery is based on a Komodia 'SSL hijacker.' You should take all measures needed, not only to delete Superfish VisualDiscovery, but also to remove the certificate that's responsible for this vulnerability, which a standard uninstall routine may not remove.
Fishing for Adware Trouble in the Web
Superfish VisualDiscovery is a search results-based adware program that installs itself to your default Web browser, such as Firefox. Superfish VisualDiscovery uses image recognition functions to determine 'relevant' subject matter and deliver advertisements appropriate to its viewers, injecting them into Web pages via JavaScript. While these functions aren't especially unusual, malware experts have been able to link them to potentially gaping security vulnerabilities.
Superfish VisualDiscovery 'hijacks' SSL browser communications, which are used for activities as sensitive as password protection, on any website that uses them. While this function is also not extremely unusual, Superfish VisualDiscovery employs an exceptionally unsafe root certificate to 'protect' Superfish VisualDiscovery from any abuses. Shockingly, Superfish VisualDiscovery uses the same weak password, 'komodia,' across all machines, and may generate additional certificates on request. This exploitable security weakness could allow third parties to intercept Superfish VisualDiscovery's functions and use them to commit a variety of browser-based attacks meant to harm your computer or collect data.
Superfish VisualDiscovery shares this vulnerability with other PUPs based on Komodia, including ArcadeGiant, Qustodio, Keep My Family Secure and OptimizerMonitor (among others). Many of these Potentially Unwanted Programs provide adware functions or functions, ironically, meant to protect your browser.
Discovering Safety from Adware in the Online Sea
Superfish VisualDiscovery may be installed by default on Lenovo-brand systems, and even may restore itself during factory resets. While Komodia has issued a statement of full confidence in the safety of products derived from its SSL-hijacking program, both Microsoft and Lenovo have begun to take extra steps to remove Superfish VisualDiscovery and related add-ons. In general, malware experts categorize most adware programs as minor security risks. However, the widely-known vulnerabilities in Superfish VisualDiscovery, combined with the ease of exploiting them, may make deleting Superfish VisualDiscovery a more urgent matter than usual for most Lenovo customers.
Superfish VisualDiscovery is recognizable by its symptoms, which include inappropriate advertisements inserted into unrelated sites, regardless of your choice of browser. Since uninstalling Superfish VisualDiscovery by standard procedures will not remove its certificate, malware experts encourage using anti-malware and anti-adware utilities to disinfect your PC. Some PC security vendors also are releasing tools specialized for identifying and deleting Superfish VisualDiscovery's certificate, which is exploitable in a matter of hours with little programming proficiency on the part of the attacker.
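Because a standard uninstall can leave the certificate behind, the check worth running afterwards is an audit of the Windows certificate stores. The script below is an added example, not code from this page or from any vendor's removal tool. It assumes the leftover certificate names 'Superfish' in its Subject or Issuer, and the `$Pattern` and `-Remove` parameters are names chosen for this example.

```powershell
# Added example: audit Windows certificate stores for a leftover Superfish root.
# Assumption: the certificate carries the string "Superfish" in Subject or Issuer.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [string]$Pattern = 'Superfish',  # assumed match string, taken from the product name
    [switch]$Remove                  # delete matches (LocalMachine needs an elevated shell)
)

# Check machine-wide and per-user stores that hold trusted roots and intermediates.
$stores = foreach ($location in 'LocalMachine', 'CurrentUser') {
    foreach ($name in 'Root', 'AuthRoot', 'CA') { "Cert:\$location\$name" }
}

$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $_.Subject -like "*$Pattern*" -or $_.Issuer -like "*$Pattern*" } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
                HasKey     = $_.HasPrivateKey
                PSPath     = $_.PSPath
            }
        }
}

if (-not $found) {
    Write-Output "No certificate matching '$Pattern' in the checked stores."
    return
}

# Report every match so the thumbprint can be compared with a vendor advisory.
$found | Format-Table Store, Subject, Thumbprint, NotAfter, HasKey -AutoSize

if ($Remove) {
    foreach ($cert in $found) {
        # -WhatIf / -Confirm are honoured through ShouldProcess.
        if ($PSCmdlet.ShouldProcess("$($cert.Store) $($cert.Thumbprint)", 'Remove certificate')) {
            Remove-Item -LiteralPath $cert.PSPath
        }
    }
}
```

Firefox keeps its own certificate store in each profile, so a clean result here does not cover Firefox. Run the script without `-Remove` first and confirm the reported thumbprint against a vendor advisory before deleting anything.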