Lenovo website breached by Lizard Squad

4.7
Chinese computer and smartphone firm Lenovo Group said its website was hacked on Wednesday, its second security blemish days after the U.S. government advised consumers to remove software called “Superfish” pre-installed on its laptops.

Hacking group Lizard Squad claimed credit for the attacks on microblogging service Twitter. Lenovo said attackers breached the domain name system associated with Lenovo and redirected visitors to lenovo.com to another address, while also intercepting internal company emails.

Lizard Squad posted an email exchange between Lenovo employees discussing Superfish. The software was at the centre of public uproar in the United States last week when security researchers said they found it allowed hackers to impersonate banking websites and steal users’ credit card information.

In a statement issued in the United States on Wednesday night, Lenovo, the world’s biggest maker of personal computers, said it had restored its site to normal operations after several hours.

“We regret any inconvenience that our users may have if they are not able to access parts of our site at this time,” the company said. “We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information.”

Lizard Squad has taken credit for several high-profile outages, including attacks that took down Sony Corp’s PlayStation Network and Microsoft Corp’s Xbox Live network last month. Members of the group have not been identified.

Starting 4 p.m. ET on Wednesday, visitors to the Lenovo website saw a slideshow of young people looking into webcams and the song “Breaking Free” from the movie “High School Musical” playing in the background, according to technology publication The Verge, which first reported the breach.

Although consumer data was not likely compromised by the Lizard Squad attack, the breach was the second security-related black eye for Lenovo in a matter of days.

The U.S. Department of Homeland Security said in an alert last Friday that the Superfish program, which came pre-installed on nearly a dozen Lenovo laptop models, makes users vulnerable to a type of cyberattack known as “SSL spoofing”, in which remote attackers can read encrypted web traffic, redirect traffic from official websites to spoofs, and perform other attacks.

Lenovo has since released software to remove Superfish while pledging to never install it on future shipments.

Posted:
Related Forum: PC General Forum

Source: http://fortune.com/2015/02/25/lenovo-hacked-lizard-squad/

Comments

"Lenovo website breached by Lizard Squad" :: Login/Create an Account :: 38 comments

If you would like to post a comment please signin to your account or register for an account.

slowprahPosted:

Boar I just feel Lizard Squad are trying too hard to be Anonymous back in the day, and it's working.


But anonymous didn't try to show power by attacking large companies without reason.

RS4 Lenovo is shit anyways haha.


Lenovo is king.

AdamuPosted:

Lizard squad are really starting to annoy me they are getting nothing but attention out of this but they will regret it when they get caught.

BoarPosted:

I just feel Lizard Squad are trying too hard to be Anonymous back in the day, and it's working.

MXPosted:

To be honest I still think what they are doing is good, if they can hack this many services that easily it just shows the company that they need to update there security.

VauxhallPosted:

Lizard squad need to stop this

nostrilPosted:

Lol. Just the reason why I like ls. Sites need better security.

SkittlePosted:

At least Lizard Squad are more than just DDoSing..

JRMHPosted:

gtapro151
Tet
wowsoMEW Don't really know what to make of all this, like if there is actually any point of if liz squad are truly just a bunch of 13 year olds who just learnt how to ddos and want to play around


It's no easy feat getting into a website.

Especially 1 run by a multibillion$ company.


they dont get into websites the way your thinking all they do is redirect traffic from the site to another. there not actually changing anything on the official site witch would actually take skill.


did you read the same article I did? "intercepted company E-mails"
they're not wrong for hacking Lenovo. Any company that adds pre-installed software for money deserves this sort of thing.. They make so much money off of adware that ends us causing casual computers to go slow anyway. I never liked Lenovo to begin with.

gtapro151Posted:

Tet
wowsoMEW Don't really know what to make of all this, like if there is actually any point of if liz squad are truly just a bunch of 13 year olds who just learnt how to ddos and want to play around


It's no easy feat getting into a website.

Especially 1 run by a multibillion$ company.


they dont get into websites the way your thinking all they do is redirect traffic from the site to another. there not actually changing anything on the official site witch would actually take skill.

TimePosted:

This is the first time the Lizard Squad have done anything remotely worthwhile. It certainly makes a change from ruining Christmas for Xbox or Playstation gamers.