Since September, Lenovo has been shipping laptops with pre-installed malware that spies on all network activity – including encrypted – and sends it to a remote server under the guise of injecting targeted ads (“to assist customers with discovering products similar to what they are viewing”). Naturally the company that sells this malware did such a bad job of it (the password to unlock the SSL private key is “komodia”, the name of the company) that as a side effect, others on the same network as an infected computer can also view or modify any encrypted network traffic from that computer.
https://www.theverge.com/2015/2/19/8069127/superfish-password-certificate-cracked-lenovo
https://www.theverge.com/2015/2/19/8067505/lenovo-installs-adware-private-data-hackers
http://support.lenovo.com/us/en/product_security/superfish
https://blog.erratasec.com/2015/02/extracting-superfish-certificate.html
Follow RSS/Atom feed for updates.