Lenovo website breached by Lizard Squad

4.7
Chinese computer and smartphone firm Lenovo Group said its website was hacked on Wednesday, its second security blemish days after the U.S. government advised consumers to remove software called “Superfish” pre-installed on its laptops.

Hacking group Lizard Squad claimed credit for the attacks on microblogging service Twitter. Lenovo said attackers breached the domain name system associated with Lenovo and redirected visitors to lenovo.com to another address, while also intercepting internal company emails.

Lizard Squad posted an email exchange between Lenovo employees discussing Superfish. The software was at the centre of public uproar in the United States last week when security researchers said they found it allowed hackers to impersonate banking websites and steal users’ credit card information.

In a statement issued in the United States on Wednesday night, Lenovo, the world’s biggest maker of personal computers, said it had restored its site to normal operations after several hours.

“We regret any inconvenience that our users may have if they are not able to access parts of our site at this time,” the company said. “We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information.”

Lizard Squad has taken credit for several high-profile outages, including attacks that took down Sony Corp’s PlayStation Network and Microsoft Corp’s Xbox Live network last month. Members of the group have not been identified.

Starting 4 p.m. ET on Wednesday, visitors to the Lenovo website saw a slideshow of young people looking into webcams and the song “Breaking Free” from the movie “High School Musical” playing in the background, according to technology publication The Verge, which first reported the breach.

Although consumer data was not likely compromised by the Lizard Squad attack, the breach was the second security-related black eye for Lenovo in a matter of days.

The U.S. Department of Homeland Security said in an alert last Friday that the Superfish program, which came pre-installed on nearly a dozen Lenovo laptop models, makes users vulnerable to a type of cyberattack known as “SSL spoofing”, in which remote attackers can read encrypted web traffic, redirect traffic from official websites to spoofs, and perform other attacks.

Lenovo has since released software to remove Superfish while pledging to never install it on future shipments.

Posted:
Related Forum: PC General Forum

Source: http://fortune.com/2015/02/25/lenovo-hacked-lizard-squad/

Comments

"Lenovo website breached by Lizard Squad" :: Login/Create an Account :: 38 comments

If you would like to post a comment please signin to your account or register for an account.

JetzPosted:

Inq I am kinda getting tired of these Lizard Squad kids.


Exactly. I don't understand how these guys are teenagers and still most of them haven't been caught yet.

TTGxUehleinbxPosted:

Hollywood_Undead
Reptrain Lizard Squad for the Win.


You must be stupid rooting for them.


This is why his parents should have used a condom

DiscriminationPosted:

Lizard squad are just getting boring now.

XBL-ABPosted:

Reptrain Lizard Squad for the Win.


You must be stupid rooting for them.

DeluxeHazardPosted:

Reptrain Lizard Squad for the Win.


Really? Lizard Squad is just a bunch of punks who waste their talent by taking trolling to a worldwide level.

XboxPosted:

Lizard Squad for the Win.

1989Posted:

Grimlock never heard of this company. But after seeing the other news comments I can see its kinda bad.


There pretty popular, quite surprised you have never heard of them.

1989Posted:

I am kinda getting tired of these Lizard Squad kids.

TomPosted:

never heard of this company. But after seeing the other news comments I can see its kinda bad.

GaryPosted:

To be fair Lenovo did sell malware infected laptops so they kind of deserves this