Tuesday, November 24, 2015

Dell laptops with pre-installed malware.


Dell, being one of the major laptop and computer manufacturers in the world, has a major place in the market. Last time, Lenovo was caught using pre-installed adware named #Superfish, and then they provided a free tool to remove the malware. Recently, Dell laptops have been caught having pre-installed malware.

Laptops sold by Dell have a pre-installed fake signed certificate. It is actually a self-signed credential used for establishing secure connections; the certificate is signed and its keys are stored on the local computer.

Let's look at what can be done with this. An attacker can use the credentials to pass off a connection as a trusted one and then carry out a MiTM (Man in The Middle) attack, through which the attacker can obtain sensitive information such as credentials and other data.

The laptop models identified as having this malware are:

Dell Inspiron 5000 series notebooks
Dell XPS 13
Dell XPS 15

It is also suspected that not only these models but many others may have this malware pre-installed.

To check whether you are infected with this malware:

Go to Run
Type certmgr.msc and hit enter
Open up Trusted Root Certification Authorities
Select Certificates
Search for eDellRoot
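
The same check as a script (an added example, not part of the original post): it searches the machine and current-user Trusted Root stores for eDellRoot and reports whether a private key is stored alongside the certificate. The function name Find-TrustedRoot is hypothetical; the check is read-only and can be re-run later to see whether the certificate is back.

```powershell
# Added example: read-only lookup of a named certificate in the Trusted Root stores.
# Find-TrustedRoot is a hypothetical helper name, not a built-in cmdlet.
function Find-TrustedRoot {
    param(
        [string]$Name = 'eDellRoot'   # certificate name given in the post
    )

    # Both stores that certmgr.msc / certlm.msc show as "Trusted Root Certification Authorities"
    $stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

    foreach ($store in $stores) {
        Get-ChildItem -Path $store |
            Where-Object { $_.Subject -like "*$Name*" } |
            ForEach-Object {
                [pscustomobject]@{
                    Store         = $store
                    Subject       = $_.Subject
                    # Self-signed roots have identical subject and issuer
                    SelfSigned    = ($_.Subject -eq $_.Issuer)
                    # True means the signing key sits on this machine next to the certificate
                    HasPrivateKey = $_.HasPrivateKey
                    Thumbprint    = $_.Thumbprint
                    NotAfter      = $_.NotAfter
                }
            }
    }
}

$hits = @(Find-TrustedRoot)

if ($hits.Count -gt 0) {
    $hits | Format-List
    Write-Warning "eDellRoot is present in a trusted root store."
} else {
    Write-Output "eDellRoot was not found in the checked root stores."
}
```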

If found, you can delete it, but if you check again after some time you will find the same #eDellRoot in place. The funny thing is that even if you remove it, it is recreated by itself.

So what is the way to remove it? There is no removal mechanism available yet, but to protect themselves from attack, users are recommended to use the #Firefox browser, as it will warn if the certificate is a fake one.

The issue has been reported to Dell, and they have posted that customer privacy is their major concern, that their team is working on it, and that they will post a status update soon.

P.S: The post is to create awareness and not to create any negative impact.
