
Outfit behind Superfish claims it is under attack

20 February 2015


Fiasco gets worse

Komodia, the outfit at the heart of the Lenovo "Superfish" spyware scandal, is being attacked.

Superfish's problem is a highly intrusive technology known as SSL Digestor, which comes from a company called Komodia.

The company claims it has been hit with a Distributed Denial of Service (DDoS) attack due to "recent media attention"; however, it is still possible to reach the company.
Barak Weichselbaum, Komodia's founder, who was once a programmer in Israel's IDF Intelligence Corps, told Forbes that the company was not hiding behind DDoS claims and that the attack was real.

However, he was unable to comment on the Lenovo Superfish story for contractual reasons. It is not surprising that people might be a little miffed at Komodia.

Adam Winn, manager at OPSWAT, told us that while the software might not be malicious, the implementation was. He said that Superfish was more than just adware -- it's a man-in-the-middle attack masquerading as adware.

"In the age of nearly constant security-related headlines, it's shocking that Lenovo would preinstall software that breaks the SSL trust chain in such a fundamental way. This is reminiscent of the Sony BMG rootkit from 2005, but more disturbing because it goes to the heart of privacy concerns and the fundamental trust that consumers place in SSL protected websites," he said.

Simon Crosby, co-founder and CTO of Bromium, said that it was high time for PC OEMs to accept that adware and other junk software installed in consumer devices is precisely the opposite of what their customers want, and that delivering a secure, non-intrusive, high-quality product is valued by consumers.

Marc Jacobs, security researcher at content delivery network CloudFlare, said that at the heart of the whole thing, though, is that Komodia is easy to hack.

The encryption key used by Komodia is protected by a password, "komodia", which gives access to all the different versions of the certificate.

Hackers can craft their own SSL certificates, which are supposed to guarantee trust, with the Komodia key. They can then intercept people's internet connections, create fake versions of certain websites and steal their data, as long as targets' computers trust the Komodia certificates.

"This means that those dodgy certificates aren't limited to Lenovo laptops sold over a specific date range. It means that anyone who has come into contact with a Komodia product, or who has had some sort of Parental Control software installed on their computer should probably check to see if they are affected," said Jacobs.
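
A check of the kind described above, as an added example that is not part of the original article or any vendor's tooling: a PowerShell function that lists root certificates in the Windows trust stores whose subject or issuer contains "Superfish" or "Komodia". The function name is hypothetical, and matching on certificate names is an assumption; a product built on the same technology may install its root under a different name.

```powershell
# Added example: audit the Windows trusted-root stores for certificates
# whose names match the vendors named in the article.
# Assumption: matching on Subject/Issuer text is a heuristic; a product
# built on the same technology may install a root under another name.

function Find-SuspectRootCertificate {
    [CmdletBinding()]
    param(
        [string[]]$StorePath   = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'),
        [string[]]$NamePattern = @('Superfish', 'Komodia')
    )

    # Build one regex from the literal name fragments (-match is case-insensitive).
    $regex = ($NamePattern | ForEach-Object { [regex]::Escape($_) }) -join '|'

    foreach ($path in $StorePath) {
        Get-ChildItem -Path $path -ErrorAction SilentlyContinue |
            Where-Object { $_.Subject -match $regex -or $_.Issuer -match $regex } |
            ForEach-Object {
                [pscustomobject]@{
                    Store      = $path
                    Subject    = $_.Subject
                    Issuer     = $_.Issuer
                    Thumbprint = $_.Thumbprint
                    NotAfter   = $_.NotAfter
                    SelfSigned = ($_.Subject -eq $_.Issuer)
                }
            }
    }
}

# Report what was found in the machine-wide and per-user root stores.
$hits = @(Find-SuspectRootCertificate)
if ($hits.Count -eq 0) {
    Write-Output 'No matching root certificates found in the Windows trust stores.'
} else {
    $hits | Format-List
    Write-Warning "$($hits.Count) matching root certificate(s) found; review and remove them."
}
```

Browsers that keep their own certificate store, such as Firefox by default, are not covered by this check and need to be inspected separately.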
