The website of computer maker Lenovo was hacked yesterday, apparently by Lizard Squad, just days after the company was embroiled in controversy about the “Superfish” adware.
A group claiming to be Lizard Squad was able to redirect users looking for Lenovo’s official website to another, made by the hackers, which appeared to taunt the laptop maker. The false site was up for around 90 minutes until the original site was restored.
The site seemed to imply that the attack was related to the revelation last week that Lenovo computers had come pre-installed with Superfish, a piece of dangerous advertising software. If users clicked on the image of a person that was put on the site, they were taken to a Twitter account criticising Lenovo over the Superfish software.
When hackers take control of websites in such a way, it doesn’t compromise the site itself. Instead, attackers are able to bypass the company’s servers entirely and send visitors to a different location on the web.
But the attack also seemed to allowed hackers to intercept Lenovo’s email. Lizard Squad tweeted photos that were supposedly of emails sent notifying executives of the hack, as well as revealing what was purported to be the compay’s response to user complaints about Superfish.
Superfish removal bricks some devices? Great work Lenovo pic.twitter.com/phXiBS3KzO— Lizard Squad (@LizardCircle) February 25, 2015
It seemed to imply that further leaked emails could be released in the future.
We'll comb the Lenovo dump for more interesting things later.— Lizard Squad (@LizardCircle) February 25, 2015
In a statement to The Independent, Lenovo said: "Unfortunately, Lenovo has been the victim of a cyber attack. One effect of this attack was to redirect traffic from the Lenovo website. We are also actively investigating other aspects. We are responding and have already restored certain functionality to our public facing website.
We regret any inconvenience that our users may have if they are not able to access parts of our site at this time. We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information and experience.
We are also working proactively with 3rd parties to address this attack and we will provide additional information as it becomes available."Reuse content