Researchers have found a security vulnerability in some Lenovo products: preinstalled software that breaks secure connections to websites and puts sensitive data at risk.
It is worrying enough that Lenovo has shipped some machines with adware named Superfish, which breaks HTTPS, the secure version of the hypertext transfer protocol, in order to insert ads and read data on connections that would normally not permit it.
Worse, the same interception capability leaves holes that far more malicious attackers could use to steal private data such as banking details, experts said.
Superfish installs its own root certificate on Windows systems and then performs what is known as a man-in-the-middle attack: whenever the user visits an HTTPS website, Superfish presents a certificate it signed itself, the browser accepts it because the root is trusted, and Superfish can observe everything that passes over the connection, security experts said.
When a banking website is visited, for example, the browser normally shows a lock icon in the address bar to indicate that the connection is private. On affected Lenovo machines the lock still appears, but Superfish is sitting in the middle, watching.
The adware analyzes the images on the page to decide which products to advertise. Last month, Lenovo confirmed that Superfish comes preinstalled on some of its consumer products.
The software ships only with Lenovo's consumer products and is meant to help users find products visually: it analyzes images on web pages as they load and presents offers for identical or similar products that may be available at lower prices.
That could lead to a whole host of problems beyond unwanted pop-up ads.
Superfish effectively cracks open every secure connection, using certificates it forges under its own root to impersonate HTTPS sites such as Facebook, Google and any other site that uses this now-common form of security. Because the browser trusts the planted root, it cannot tell a forged certificate from the genuine one, and the protection of every affected machine rests on the secrecy of that root's private key.
One security researcher said that if the software or any of its control infrastructure were compromised, an attacker could gain complete, unrestricted access to affected customers' banking sites, private messages and personal data.
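The mechanism described above (a planted root certificate that makes forged certificates for sites like Facebook pass the browser's check) and the detection step a practitioner wants can be shown in a few lines using Go's standard library. This is an added example, not code from the article, Lenovo or Superfish: it generates its own throwaway root and leaf certificates, the organisation name "Superfish, Inc." is used only as the string to search for, and `trustStore` stands in for the operating system's root store.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// interceptorCA models the root certificate an HTTPS-interception product
// plants in the machine's trust store, plus the private key it keeps locally
// to sign certificates on the fly. (Constructed for this example.)
type interceptorCA struct {
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

// newCA builds a self-signed root whose subject carries the given
// organisation name. This is a fresh throwaway root, not the real certificate.
func newCA(org string) (*interceptorCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{Organization: []string{org}, CommonName: org},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &interceptorCA{cert: cert, key: key}, nil
}

// forgeLeaf mints a server certificate for whatever hostname the user visits,
// signed by the interception root. This is what lets the proxy terminate the
// TLS session in the site's name.
func (ca *interceptorCA) forgeLeaf(host string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.cert, &key.PublicKey, ca.key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// trustStore stands in for the OS root store: empty for a clean machine,
// or holding the interception root for an affected one.
func trustStore(roots ...*x509.Certificate) *x509.CertPool {
	pool := x509.NewCertPool()
	for _, r := range roots {
		pool.AddCert(r)
	}
	return pool
}

// browserAccepts runs the chain and hostname validation a browser performs
// before showing the lock icon. A nil error means the lock would appear.
func browserAccepts(leaf *x509.Certificate, host string, roots *x509.CertPool) error {
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots})
	return err
}

// findSuspectRoots is the detection check: report every trusted root whose
// subject mentions the interception vendor (case-insensitive substring match).
func findSuspectRoots(vendor string, roots ...*x509.Certificate) []string {
	var hits []string
	for _, r := range roots {
		if strings.Contains(strings.ToLower(r.Subject.String()), strings.ToLower(vendor)) {
			hits = append(hits, r.Subject.String())
		}
	}
	return hits
}

func main() {
	ca, err := newCA("Superfish, Inc.")
	if err != nil {
		panic(err)
	}
	forged, err := ca.forgeLeaf("www.facebook.com")
	if err != nil {
		panic(err)
	}
	fmt.Println("clean machine:   ", browserAccepts(forged, "www.facebook.com", trustStore()))
	fmt.Println("affected machine:", browserAccepts(forged, "www.facebook.com", trustStore(ca.cert)))
	fmt.Println("suspect roots:   ", findSuspectRoots("superfish", ca.cert))
}
```

The forged certificate fails validation against an empty store (unknown authority) and passes once the interception root is added, which is exactly why the lock icon keeps appearing on affected machines; the hostname check still applies, so the proxy has to mint a separate certificate per site. On an actual Windows machine the equivalent of `findSuspectRoots` is to list `Cert:\LocalMachine\Root` and `Cert:\CurrentUser\Root` in PowerShell and inspect the Subject of each entry for vendors that should not be there.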