Lenovo was in troubled waters recently thanks to the Superfish spyware that got installed on new laptops. Even as people worry about Superfish, a bigger threat looms in the form of the Komodia SSL hole.

The flawed Superfish adware was designed to inject adverts into a user's browsing experience. However, it also left users susceptible to cyberattacks.

It turns out that not only did Superfish deploy technology from the Israel-based company Komodia, but antivirus and parental-control software packages also use Komodia's engine.

Founded in 2000, Komodia is an IT firm that sells network interception technology, i.e. Komodia Redirector with SSL Digestor, to several software developers. It has more than 100 clients on board using its SDKs.

The company's software works by installing a root certificate-authority (CA) certificate, which lets the software intercept encrypted HTTPS web traffic. Superfish used this functionality to intercept HTTPS-encrypted pages and inject ads into them.

However, this CA certificate from Komodia is not properly secured, which could enable hackers to wage man-in-the-middle (MITM) attacks in which a third party can easily read or alter the supposedly encrypted traffic.

The Superfish fiasco brought this issue to light. Pundits have since identified several software programs that use Komodia's components and could potentially put users' privacy at risk.

"If you have come into contact with any Komodia product, I would check for unrestricted private root certificates, before carefully removing them and the associated software from any system that you care about," warns Marc Rogers of cybersecurity firm CloudFlare.

Security researchers say Komodia made several security errors, including using the same key everywhere, encrypting that key with a simple password, and allowing self-signed certificates to be trusted without the user's browser first showing a warning.
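Marc Rogers's advice to check for unrestricted private root certificates can be turned into a small audit. The following Go program is an added example, not code from Komodia, Superfish or this article; it assumes the trust store has already been loaded into x509.Certificate values (constructed in memory here) and that a baseline of expected root subjects is available.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// AuditRoots reports self-signed CAs missing from the baseline; one with no name constraints
// can vouch for any host, which is exactly an "unrestricted private root".
func AuditRoots(roots []*x509.Certificate, baseline map[string]bool) (findings []string) {
	for _, c := range roots {
		if !c.IsCA || c.CheckSignatureFrom(c) != nil || baseline[c.Subject.String()] {
			continue // not a self-signed CA, or an expected root
		}
		reason := "unexpected self-signed CA (name-constrained)"
		if len(c.PermittedDNSDomains) == 0 {
			reason = "unexpected self-signed CA with NO name constraints"
		}
		findings = append(findings, c.Subject.String()+": "+reason)
	}
	return findings
}

// selfSignedCA builds a constructed, throwaway root in memory (not any vendor's real
// certificate) so the check can run offline.
func selfSignedCA(cn string, permitted []string) *x509.Certificate {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
		PermittedDNSDomains: permitted, PermittedDNSDomainsCritical: len(permitted) > 0,
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	cert, _ := x509.ParseCertificate(der)
	return cert
}

func main() {
	store := []*x509.Certificate{
		selfSignedCA("Example Trusted Root", nil), // baselined, so not reported
		selfSignedCA("Constructed Interception Root", nil),
		selfSignedCA("Corp Internal CA", []string{"corp.example"}),
	}
	for _, f := range AuditRoots(store, map[string]bool{"CN=Example Trusted Root": true}) {
		fmt.Println(f)
	}
}
```

On a real machine the store would come from the OS trust store instead of the constructed certificates, and the baseline from a known-good image of the same system.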

Komodia's founder Barak Weichselbaum has chosen to stay mum on the concerns security researchers are raising. He has, however, let on that an update to the company's software is being tested.

"We have a release candidate and it's being tested by us and other parties [to see] if we can release it," said Weichselbaum.

Lenovo, too, is working on removing the Superfish adware and on fixes. 

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.