Superfish Was Not the End for Lenovo

2015 is not off to a great start for Lenovo, the world’s leading PC manufacturer.  On February 19, it was discovered that the company pre-installed their computers with a dangerous adware program known as Superfish.  The Verge reports that this piece of software would “allow anyone to unlock the certificate authority and bypass the computer’s web encryption” (The Verge).  Essentially, Superfish could allow a user on the same network as a Lenovo computer to spy on the Lenovo user or infect their system with malware.  In light of this discovery and public backlash from users, Lenovo has provided customers with a tool to completely remove Superfish from their computers.

Following this discovery that fostered deep mistrust in the company, Lenovo’s website was hacked on February 25.  Anyone that visited Lenovo’s site between 4pm EST and 5:30pm EST were greeted by a slideshow of disaffected youths and the song “Breaking Free” from High School Musical.  The attack appears to come from the hacker group known as Lizard Squad; the infected source code attributes the work to two publicly known members of the organization, Ryan King and Rory Andrew Godfrey.  However, the masterminds behind this attack have yet to be confirmed as the real hackers could just be hiding behind their names.  Due to the nature of the attack, there has been no reason to believe that these hackers breached Lenovo’s internal network.

In an attempt to due some much needed damage control, Lenovo announced, on February 27, a two part plan to “become the leader in providing cleaner, safer PCs” (Lenovo).  The first part of this plan involves scaling back the amount of pre-installed software on their computers; the company claims their computers will only include the operating system and software and drivers required for the hardware, like a fingerprint reader, security software, and useful Lenovo applications by the time Windows 10 is released.  The second part of the plan will have the company list all pre-installed software and its uses on the computer; this should help limit the amount of bloatware in their computers.

Although Lenovo is actively trying to reverse the damage, it is still an embarrassing and unfortunate series of events for a premier company.  It should be interesting to see how Lenovo’s attempts progress as well as their future attempts to move forward in the midst of deep mistrust from consumers.

– Kaitlin Keenan

Sources:

The Verge:  http://www.theverge.com/2015/2/25/8110201/lenovo-com-has-been-hacked-apparently-by-lizard-squad

Lenovo’s Plan:  http://news.lenovo.com/article_display.cfm?article_id=1934

Advertisements