Superfish, Man-in-the-middle, and SSL
February 23rd, 2015
- Posted By: Nick Shertzer
A new type of malware has been discovered that breaks SSL encryption, mainly to insert ads in your browsing. This “Superfish”-style vulnerability means that even when you connect to your email, bank, 401(k), or even health insurance site, the connection is being re-routed on the fly to the bad guys' servers, but your browser will still show that green lock saying the connection is secure.
Possibly the easiest-to-understand write-up I have seen so far is from HowToGeek.com:
“Once you are hijacked, they can read every single thing that you submit to a private site — passwords, private information, health information, emails, social security numbers, banking information, etc. And you’ll never know because your browser will tell you that your connection is secure.”
An easy way to verify if you have been infected is to check the Superfish / Komodia / Certification validation test site:
If the vulnerability test says you have a problem, please contact me for consulting. If the test comes back “Good”, then you are safe for now. Even if you are safe for now, please consider the following:
- Use Ninite to install free software.
- Pay attention to what you are clicking any time you click.
- Install Malwarebytes Anti-Exploit to protect your browser and other critical applications from security holes and zero-day attacks.
- Enable Click-To-Play for plugins in your browser.
- Keep Windows up to date by using Windows Automatic Updates. Keep all other software up to date by using Secunia.
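As a local complement to the validation test site mentioned above, the following PowerShell check (an added example, not part of the original post) lists any certificate in the Windows trusted root stores whose name mentions Superfish or Komodia. It assumes the injected root certificate carries one of those names in its Subject or Issuer field; a root installed under a different name will not match.

```powershell
# Added example: look for Superfish/Komodia-named roots in the Windows trust stores.
# Assumption: the injected root has "Superfish" or "Komodia" in its Subject or Issuer.
$pattern = 'Superfish|Komodia'          # -match is case-insensitive by default
$stores  = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$hits = foreach ($store in $stores) {
    # Skip a store that is not present for this account.
    if (-not (Test-Path $store)) { continue }

    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
        Select-Object @{ Name = 'Store'; Expression = { $store } },
                      Subject, Issuer, Thumbprint, NotAfter, HasPrivateKey
}

if ($hits) {
    # A trusted root you did not install yourself lets its owner sign
    # certificates for any site, which is why the browser lock stays green.
    $hits | Format-List
    Write-Warning "$(@($hits).Count) matching root certificate(s) found in the Windows trust store."
} else {
    Write-Output 'No root certificate with a matching name in the Windows trust store.'
}
```

Firefox keeps its own certificate store, which this check does not read, so run the browser-based test in each browser you use as well.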