Lenovo woes continue with DNS hack

Following the Superfish scandal that has engulfed Lenovo in recent days, the Chinese computer maker’s website was temporarily compromised.

Lizard Squad, as usual, claimed credit for the attack, which saw visitors to Lenovo’s homepage greeted with a slideshow and criticism of its involvement with Superfish.

Last week it emerged that adware was pre-installed on Lenovo computers via Superfish software. It didn’t go down well when the news came out, with its existence on Lenovo machines leaving consumers open to potential man-in-the-middle attacks.

Superfish essentially tracked users’ browsing activities, allowing it to place additional ads on the sites frequented most.

“Unfortunately, Lenovo has been the victim of a cyber attack,” said the company in a statement on The Wall Street Journal.

Lenovo acting

“One effect of this attack was to redirect traffic from the Lenovo website. We are also actively investigating other aspects of the attack. We are responding and have already restored certain functionality to our public facing website.”

Hackers seem to have found a way to take control of the DNS and redirect traffic to an account at CloudFlare, a security company in San Francisco, which has now been shut down. CloudFare actually works to protect companies from such attacks, but Lenovo isn’t one of its customers.

“It appears their registrar account was compromised and DNS was pointed to us,” said CloudFlare CEO Matthew Prince to eWEEK. “As soon as we were made aware we locked the associated account and reached out to Lenovo to assist them with regaining control of their domain.”

A Twitter account claiming to be attributed to hacking group Lizard Squad also claims further action is on the way.

We’ll comb the Lenovo dump for more interesting things later.

— Lizard Squad (@LizardCircle) February 25, 2015

Website attack image via Shutterstock