Dell’s Laptops are Infected with ‘Superfish-Like’ pre-installed Malware

From The Hacker News:

Dell’s Laptops are Infected with ‘Superfish-Like’ pre-installed Malware

Similar to the Superfish malware that surrounded Lenovo laptops in February, another big computer manufacturer Dell spotted selling PCs and laptops pre-installed with a rogue SSL certificate that could allow attackers:
  • To impersonate as any HTTPS-protected website and spy on when banking or shopping online.
The rogue certificate, dubbed eDellRoot, was first discovered over the weekend by a software programmer named Joe Nord. The certificate is so creepy that it automatically re-installs itself even when removed from the Windows operating system.
Also Read: Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Superfish 2.0: Unkillable Zombie

The self-signed transport layer security (TLS) credential came pre-installed as a root certificate on Dell PCs and laptops that are signed with the same private cryptographic key, which is stored locally.

Read More…


Posted

in

,

by

Tags: