Superfish

Superfish is an advertising company whose software is widely considered to be malware. In February 2015, the U.S. Department of Homeland Security advised users to remove Superfish software, such as Superfish Window Shopper, because it exposes computers to cyber attacks. In May 2015, SuperFish changed its name to JustVisual.com.

For Superfish to insert advertisements into a user's encrypted web traffic, Superfish installs a self-signed root certificate on the user's machine. The certificate makes all encrypted communications vulnerable to a man-in-the-middle attack, allowing a malicious third-party to eavesdrop on any HTTPS sessions.

Notably, Superfish software was pre-installed on many Windows 8.1 laptops manufactured by Lenovo and sold in 2014. If you are running Window Shopper or any other Superfish software, we recommend you uninstall it by running Windows Defender or another anti-malware tool.

Lenovo, Malware, Man-in-the-middle attack, Security terms, Super