Lenovo website breached by Lizard Squad

Chinese computer and smartphone firm Lenovo Group said its website was hacked on Wednesday, its second security blemish days after the U.S. government advised consumers to remove software called “Superfish” pre-installed on its laptops.

Hacking group Lizard Squad claimed credit for the attacks on microblogging service Twitter. Lenovo said attackers breached the domain name system associated with Lenovo and redirected visitors to lenovo.com to another address, while also intercepting internal company emails.

Lizard Squad posted an email exchange between Lenovo employees discussing Superfish. The software was at the centre of public uproar in the United States last week when security researchers said they found it allowed hackers to impersonate banking websites and steal users’ credit card information.

In a statement issued in the United States on Wednesday night, Lenovo, the world’s biggest maker of personal computers, said it had restored its site to normal operations after several hours.

“We regret any inconvenience that our users may have if they are not able to access parts of our site at this time,” the company said. “We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information.”

Lizard Squad has taken credit for several high-profile outages, including attacks that took down Sony Corp’s PlayStation Network and Microsoft Corp’s Xbox Live network last month. Members of the group have not been identified.

Starting 4 p.m. ET on Wednesday, visitors to the Lenovo website saw a slideshow of young people looking into webcams and the song “Breaking Free” from the movie “High School Musical” playing in the background, according to technology publication The Verge, which first reported the breach.

Although consumer data was not likely compromised by the Lizard Squad attack, the breach was the second security-related black eye for Lenovo in a matter of days.

The U.S. Department of Homeland Security said in an alert last Friday that the Superfish program, which came pre-installed on nearly a dozen Lenovo laptop models, makes users vulnerable to a type of cyberattack known as “SSL spoofing”, in which remote attackers can read encrypted web traffic, redirect traffic from official websites to spoofs, and perform other attacks.

Lenovo has since released software to remove Superfish while pledging to never install it on future shipments.

Related Forum: PC General Forum

Source: http://fortune.com/2015/02/25/lenovo-hacked-lizard-squad/


"Lenovo website breached by Lizard Squad" :: Login/Create an Account :: 38 comments

If you would like to post a comment please signin to your account or register for an account.


I know this site is bringing news and I've been browsing for the past month but this has to stop

We don't talk about them, then they'll eventually relize they have lost something to gain which is popularity and them being noticed


Lizard squad is awesome


I'm sick of hearing about LS if everyone stopped talking about then they would go away


I don't like Lizard Squad, there just a bunch of childish little kids. I hate to see them do this though, they really need to grow up.


these kids are just taking cred for someone elses attacks lizard squad are just kids who cant hack or ddos or do anything they just want cred, honestly they are wannabe anon


wowsoMEW Don't really know what to make of all this, like if there is actually any point of if liz squad are truly just a bunch of 13 year olds who just learnt how to ddos and want to play around

It's no easy feat getting into a website.

Especially 1 run by a multibillion$ company.


Lizard Squad is getting quite aggressive, I find it pretty funny how people get so upset, as that's what they want for a reaction.


Don't really know what to make of all this, like if there is actually any point of if liz squad are truly just a bunch of 13 year olds who just learnt how to ddos and want to play around

Gaming Headlines