Lenovo.com was hijacked and email communications were intercepted by hackers just days after the company admitted to installing dangerous adware on many of its computers before shipping them to unsuspecting customers.
â€œUnfortunately, Lenovo has been the victim of a cyber-attack. One effect of this attack was to redirect traffic from the Lenovo website. We are also actively investigating other aspects,â€ the company said in a statement to Ars Technica.
The site displayed a blank page and the message â€œunavailable due to system maintenance,â€ but some users were redirected to a slideshow of images of teens sitting in front of their computers. When clicked, the images linked to @LizardCircle, a Twitter account criticizing Lenovo for preloading some of its computers with ad-injecting software that completely broke encrypted connections to HTTPS-protected websites.
Hackers apparently compromised a Lenovo account registered at Web Commerce Communications, and changed the IP address of the Lenovo.com site to refer to a new site hidden under CloudFlare servers. Bypassing the companyâ€™s legitimate servers, the attackers managed to direct people to their servers instead. Thus, they intercepted e-mail communications until the company removed the MX email records and cut off the process.
Lizard Squad has taken credit for the attack and promised to search the dump for â€œinteresting things.â€