HTTPS-breaking adware means users can't trust their own machines

Michael Morisy

February 12, 2016

1 Min Read
HTTPS-breaking adware means users can't trust their own machines

Lenovo and Dell took a lot of justified heat last year for hijacking HTTPS certificates, but the problem is incredibly widespread, with a recent investigation showing some of the most popular adware following the same practice, leaving millions of users vulnerable.

The investigation, by How-To Geek, offers a good run-down on how pervasive HTTPS hijacking is, particularly for more novice web users.

According to the research, just looking at the top 10 downloads at Download.com would put a million users at risk a month.

The most common attacks simply add a new, fake root authority certificate that lets the adware provider inject their own ads across the web, but some of the adware just greenlights any certificates, leaving users wide open to a variety of phishing attacks that could have otherwise been prevented.

I'd say that these downloads are unlikely to trick seasoned technologists, but I found myself almost installing one on a friend's machine after an adware link trumped an organic search result.

Fortunately, Microsoft has been taking the problem seriously, cracking down with new restrictions on adware starting at the end of next month. IT professionals should work to make sure that devices on their network keep certificates locked down.

Read the full report at How-To Geek.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like