To help us provide you with free impartial advice, we may earn a commission if you buy through links on our site. Learn more

Lenovo.com hacked – Superfish vigilante attack?

Lenovo.com

Lenovo's bad week just got a lot worse

A week ago Lenovo was hauled across the coals for pre-installing dubious adware on its range of laptops. Last night, in an apparently linked attack, the site’s homepage was hijacked, so that users saw a slideshow of images accompanied by a song from High School Musical.

Code used in the hack included the text ‘the new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey’. Both of them have been previously identified as members of Lizard Squad. Although it’s impossible to know at present if they were actually involved in the hack, or if the real perpetrators are simply trying to lead investigators astray.

The attack appears to be some kind of vigilante retribution against the company for its recent adware based blunder. Lenovo had been pre-installing the Superfish software on its consumer laptops, which left them open to attack by, ironically, hackers.

Lenovo hack

^ Visitors to Lenovo’s site were greeted by images such as this 

It looks as though the attack on Lenovo.com is directly related to one on Google.com.vn two days ago. Director of Security TReseach at openDNS, Andrew Hay, stated that the perpetrators used Digital Ocean’s Netherlands data centre to host the attack, as with the Google attack. They also used the same registrar for both attacks, Webnic.cc.

Speaking about this recent hijack, Andrew Hay said, “Two defacements in a single week is normally nothing, but two extremely high-profile defacements from the same registrar in the same week is a definite trend. We may see more redirections of domains that were registered with Webnic.cc in the coming days.”

For those who are Lenovo customers, there’s no suggestion at present that the site as a whole was compromised or that any data or client details were stolen. In any case it rounds off a catastrophic week for the company, which is a shame as it makes some rather nice laptops, such as the Lenovo Yoga 3 Pro.

A spokesperson for Lenovo said: “Unfortunately, Lenovo has been the victim of a cyber attack. One effect of this attack was to redirect traffic from the Lenovo website. We are also actively investigating other aspects. We are responding and have already restored certain functionality to our public facing website. We regret any inconvenience that our users may have if they are not able to access parts of our site at this time. We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information and experience. We are also working proactively with 3rd parties to address this attack and we will provide additional information as it becomes available.”

Read more

News