Think Superfish-like malware and its relatives are dead? You're wrong -- it and its nasty cousins have injected ads into tens of millions PCs worldwide. Here's how to kill them.
Superfish leaves users vulnerable to "man-in-the-middle" attacks. When you're infected with it, you appear to be visiting a secure site, but you're instead visiting one controlled by an attacker. Here are more details.
Superfish does more as well --- it injects ads into Web sites as you visit them, so you see not just ads on those sites, but ads that Superfish sends you as well.
Lenovo had pre-installed Superfish on "some consumer notebook products shipped in a short window between September and December," according to the company. After an outcry, the company stopped doing that, and work was done to eradicate the dangerous pest.
A new report details how common Superfish and its adware relatives have been. A study done by Google with researchers from the University of California at Berkeley and Santa Barbara, found that more than five percent of all visits to Google and sites owned by Google were altered by Superfish or adware similar to it between last June and September. The vast majority of injections involved Superfish.
The researchers found a staggering 50,870 Chrome extensions and 34,407 programs that inject ads into Web sites. Some 38 percent of the extensions and 17 percent of the programs were malware, and the other were adware.
The study found that 96 percent of browser extensions and 97 percent of ad injectors contacted superfish.com to do their work.
It's not clear how prevalent all that is today. But if you're worried about it, you can do something. If you use Chrome, use this free Google tool that removes Superfish, ad injectors, and other unwanted software or software that might interfer with Chrome. See my blog post "How to kill all crapware and adware from Chrome," for details about how to use it.
Superfish and other adware can attack you apart from Chrome, though. So head to this Web site to see if you've got Superfish. And check out my blog post, "How to check if you've got nasty Superfish adware on your Lenovo PC --- and how to remove it."