Chinese computer manufacturer Lenovo has become a victim of a cyber-attack that took down its website and redirected traffic.
Coming at a bad timing for the company, the hack took place just a week after it publicly apologised for pre-loading adware called Superfish on to some of its laptops, making the gadgets vulnerable to hackers.
This most recent attack took down Lenovo’s website for several hours on Wednesday 25th February and showed a blank page, which stated that the site was unavailable due to maintenance. In addition, the URL lenovo.com redirected users to a slideshow of bored-looking teens, set to the song ‘Breaking Free’ from High School Musical.
[themecolor]Taking steps to protect user information[/themecolor]
The company said in a statement: “Unfortunately, Lenovo has been the victim of a cyber-attack. One effect of this attack was to redirect traffic from the Lenovo website. We are also actively investigating other aspects of the attack.
“We are responding and have already restored certain functionality to our public-facing website. We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information and experience.
“We are also working proactively with third parties to address this attack and we will provide additional information as it becomes available.”
[themecolor]Lizard Squad and Superfish[/themecolor]
Hacking group Lizard Squad claimed responsibility for the DNS attack via its Twitter account. It is thought that the slideshow images depicted the hackers themselves and clicking on the slideshow took users to the Lizard Squad Twitter page. This group is also thought to be responsible for several other high profile cybercrimes including the PlayStation Network and Xbox breaches over Christmas.
Following its attack, the group posted screenshots of emails allegedly sent to lenovo.com addresses, including one discussing the Superfish software.
Lenovo is already in hot water; the preloaded software has landed the company in court under accusations of ‘fraudulent’ business practices. The adware was found to hijack browsers and insert third-party ads into Google searches, but has since been disabled.
Whilst there is every chance these attacks were targeted in their nature, if an organisation with the technical and financial resources of Lenovo can fall prey to hackers, it may be worth considering the vulnerability of your own organisation.
If you have any questions regarding online security, please call our team on 01293 871971.