Just days after being criticized for preinstalling marketing type software deemed by the federal government as being a possible threat to security, Lenovo’s website was hacked. Calling themselves the “Lizard Squad”, the hackers took full responsibility for the attack. This same group of hackers attacked the video game network for Sony’s Playstation last month.
According to an insider, one aspect of the attack involved traffic being redirected away from the website. As expected, this factor of the attack is being fully investigated, among others.
Visitors to the Lenovo website were greeted with a song from the “High School Musical” movie called Breaking Free, along with a webcam like image of a young man in a bedroom who looked completely bored. In addition, visitors received a message that read, “The new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey, a direct reference to people connected with the Lizard Squad. Afterwards, visitors were redirected to an entirely different website.
Although the attack was obvious yesterday, today it appears to be functioning normally. Lenovo, which is the number one makers of PCs and based in China, could not immediately reached for a formal statement.
However, an analyst with Morningstar said that it appears as if the group were dissatisfied with the episode of Superfish, the preloaded marketing software loaded by Lenovo from September to December, and used the DNS hack as a method of payback.
Superfish software was only loaded on laptops purchased by consumers opposed to ThinkPad, a laptop used primarily by business people. Lenovo did apologize for reloading the software, claiming they had no knowledge of any security threat until information was released by the government last week.
In addition to Lenovo’s main website being attacked, the primary search engine of Google for Vietnam was also hit. Experts stated that Lenovo and the Vietnam Google search engine’s domains were attacked, which involved translating the domains to IP addressed capable of being called into a browser.
At this time, experts believe the changes were done through Webnic.cc, a company in Malaysia where domain names are registered. This was possible by though through Web Commerce Communications. That company was also asked for comment but refused to release any information.
Specific to Lenovo, registration details for the website’s domain name was redirected to CloudFare nameservers, a California-based company that works to improve website performance. Nameservers are used to tell computers the correct IP address needed in order to view a site.
Although the attacked is deemed low-brow style, the name records of domains are still changed that for people who use the Web can be dangerous since they have virtually no method of protection. The bigger problem is that hackers can redirect traffic to sites that install malicious software automatically although this does not appear to be the case for Lenovo or Google.