Link Logger
MVM
join:2001-03-29
Calgary, AB

2 recommendations

Link Logger

MVM

Lenovo website hacked, employee emails compromised

Lizard Squad group takes responsibility
quote:
Chinese computer and smartphone firm Lenovo Group Ltd said its website was hacked on Wednesday, its second security blemish days after the U.S. government advised consumers to remove software called "Superfish" pre-installed on its laptops.

Hacking group Lizard Squad claimed credit for the attacks on microblogging service Twitter. Lenovo said attackers breached the domain name system associated with Lenovo and redirected visitors to lenovo.com to another address, while also intercepting internal company emails.

Lizard Squad posted an email exchange between Lenovo employees discussing Superfish. The software was at the centre of public uproar in the United States last week when security researchers said they found it allowed hackers to impersonate banking websites and steal users' credit card information.

In a statement issued in the United States on Wednesday night, Lenovo, the world's biggest maker of personal computers, said it had restored its site to normal operations after several hours.

»www.cbc.ca/news/technolo ··· .2972976

So I wonder who the Chinese are going to blame.

Blake
scelli (banned)
Four More Years!
join:1999-08-07
FLOT/FEBA

scelli (banned)

Member

said by Link Logger:

Lizard Squad posted an email exchange between Lenovo employees discussing Superfish.

Any idea what was discussed in those e-mails?

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline

Premium Member

More here, it would appear email was taken as well.
»arstechnica.com/security ··· servers/

chachazz
Premium Member
join:2003-12-14

1 recommendation

chachazz to Link Logger

Premium Member

to Link Logger
quote:
Two days ago, attackers allegedly associated with the fame-seeking group Lizard Squad briefly hijacked Google’s Vietnam domain (google.com.vn). On Wednesday, Lenovo.com was similarly attacked.

Sources now tell KrebsOnSecurity that both hijacks were possible because the attackers seized control over Webnic.cc, the Malaysian registrar that serves both domains and 600,000 others.

Webnic.cc is currently inaccessible.
»krebsonsecurity.com/2015 ··· domains/
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

1 edit

1 recommendation

85160670 (banned) to Link Logger

Member

to Link Logger
"So I wonder who the Chinese are going to blame." ¿ ¿ The ONE who like "SUPER_fish" ............... just kidding *_* #confirm : Superfish removal bricks some devices? Great work Lenovo pic.twitter.com/phXiBS3KzO

— Lizard Squad (@LizardCircle) February 25, 2015
Lizard Squad is claiming responsibility for a hack over Lenovo's website that, under certain conditions, is redirecting visitors to a splash page with the names of two alleged members of the Lizard Squad group embedded within the HTML code. The splash page was advertised as the "new and improved" Lenovo website which carried a link to the Lizard Squad Twitter account and played the High School Musical song "Breaking Free" in the background.

We're breaking free! Soarin', flyin', there's not a star in heaven that we can't reach!

— Lizard Squad (@LizardCircle) February 25, 2015"

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline to Link Logger

Premium Member

to Link Logger
Some news via ESET on the Lizard Squad hack of LOL-Lenovo:

»www.welivesecurity.com/2 ··· ibility/

Some corrections were made on detections of SuperFish.
siljaline

siljaline to Link Logger

Premium Member

to Link Logger
The LOL-Lenovo SuperFish Flap has caused some serious buzz kill on the LOL-Lenovo brand -
»www.computerworld.com/ar ··· lap.html
dave
Premium Member
join:2000-05-04
not in ohio

4 recommendations

dave to Link Logger

Premium Member

to Link Logger
Oh, please please please tell me the breakin made use of the Superfish certificates stored on Lenovo's web server
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

That would be funny as hell.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline to Link Logger

Premium Member

to Link Logger
This Verge article (now outdated) broke across many MVP Alum mailing lists when the Lenovo site was first compromised - it shows the timeline of events.

»www.theverge.com/2015/2/ ··· rd-squad

chachazz
Premium Member
join:2003-12-14

chachazz to Link Logger

Premium Member

to Link Logger

Webnic Registrar Blamed for Hijack of Lenovo, Google Domains
26 Feb 15
quote:
...the Lizard Squad used a command injection vulnerability in Webnic.cc to upload a rootkit - a set of hacking tools that hide the intruder's presence on a compromised system and give the attacker persistent access to that system.

... the Lizard Squad also gained access to Webnic's store of "auth codes" (also known as "transfer secrets" or "EPP" codes), unique and closely-guarded codes that can be used to transfer any domain to another registrar.

...the rootkit has been removed from Webnic's servers, meaning the Lizard Squad should no longer be able to hijack Webnic domains with the same method they used to redirect Lenovo.com or Google Vietnam.
»krebsonsecurity.com/2015 ··· domains/

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline to Link Logger

Premium Member

to Link Logger
A nice hash-up of what's been going on this past week or so that surely is of interest to some.

Zero Day Weekly: Superfish attacks, FBI GameoverZeus bounty, Komodia in Lavasoft
»www.zdnet.com/article/ze ··· avasoft/
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

Linked article, also interesting: »www.zdnet.com/article/th ··· g-in-it/

Amusing quote:
quote:
It sounds to me like if Lenovo were a car company, you'd start driving to your mother's house, but before you even got to the end of your street, the car would have decided to take a detour, pick up a few of its mates, and head out for pizza.
Depressing quote:
quote:
Many of the sci-fi dystopias of the 1970s imagined the creation of a two-tier society, with one level for corporations and governments in an all-too-close alignment, and the other an endless advertising-riddled shopping mall for the proles. Well, it's already here.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline to Link Logger

Premium Member

to Link Logger
Wow. Lenovo hits it out of the park. Only essential software and drivers included from now on, with full transparency -
»twitter.com/SwiftOnSecur ··· 55904258
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

Yeh maybe they should have done that before?
scelli (banned)
Four More Years!
join:1999-08-07
FLOT/FEBA

scelli (banned) to siljaline

Member

to siljaline
said by siljaline:

...with full transparency

Considering there are some who persist in using this ridiculous buzzword (current and previous occupants of 1600 Pennsylvania Avenue immediately come to mind...) as some sort of magical cure-all, then those same persons, organizations or entities immediately lose credibility in my mind. I'd rather the bunch of them just shut their pie holes and correct the problem ASAP instead of belching out useless rhetoric.

The phrase (as well as those who insist on coining it) needs to be sent packing.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to siljaline

Premium Member

to siljaline
said by siljaline:

Wow. Lenovo hits it out of the park. Only essential software and drivers included from now on, with full transparency -
»twitter.com/SwiftOnSecur ··· 55904258

The full press release
»news.lenovo.com/article_ ··· _id=1934

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline

Premium Member

Read that, Snowy, TA, though - it's more LOL-Lenovo Corporate CYA as is offering six-month subscription to Intel's McAfee LiveSafe
scelli (banned)
Four More Years!
join:1999-08-07
FLOT/FEBA

scelli (banned) to Snowy

Member

to Snowy
said by Snowy:

The full press release

A lot of nice words coming from an organization caught with one hand in the cookie jar and the thumb of the other hand firmly shoved up another area we won't mention here.

Anyone catch this minuscule but quite revealing part of the statement and then do an immediate double-take like I did:

This should eliminate what our industry calls “adware” and “bloatware.”

Now I ask you, folks: since Lenovo was already well aware they were pre-loading such junk on their PCs for the end-user to "enjoy", does anyone really think these bozos would have ceased doing so if the doo-doo hadn't hit the oscillation machine last week?
dave
Premium Member
join:2000-05-04
not in ohio

dave to scelli

Premium Member

to scelli
You're focusing on the wrong words. The right words to look at closely are "essential software".

Essential how, to whom, and why?
scelli (banned)
Four More Years!
join:1999-08-07
FLOT/FEBA

scelli (banned)

Member

said by dave:

You're focusing on the wrong words. The right words to look at closely are "essential software".

Essential how, to whom, and why?

You lost me here: where is so-called "essential software" mentioned in that statement? Of course they are welcome to place those two words together until the cows come home, but they won't be using the same dictionary I and many others do when defining the proper meaning of the term.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy

Premium Member

said by scelli:

You lost me here: where is so-called "essential software" mentioned in that statement?

You won't find that in the Lenovo statement.
It's attributable to the tweeter that did what tweeters do - condense many words to few words.
"essential software"
is the tweeter's interpretation of Lenovo's
"our standard image will only include the operating system and related software, software required to make hardware work well (for example, when we include unique hardware in our devices, like a 3D camera), security software and Lenovo applications."

»news.lenovo.com/article_ ··· _id=1934 >>>>>
»twitter.com/SwiftOnSecur ··· 55904258
said by scelli:

Of course they are welcome to place those two words together until the cows come home, but they won't be using the same dictionary I and many others do when defining the proper meaning of the term.

Both you & dave are arguing the same point - words are cheap, that it's not what one says but what one does that brings about measurable/meaningful change.

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

Blackbird to Link Logger

Premium Member

to Link Logger
Talk is easy. Actions are what impress folks. And Lenovo's actions to date are... uhmm... less than impressive. The negative impressions created by their past actions will only be altered by their future positive actions, not their promises nor their wordsmith abilities. In between now and the future, people will view them in light of what they did, not by what they've promised to "fix" things. And justifiably so...
scelli (banned)
Four More Years!
join:1999-08-07
FLOT/FEBA

2 recommendations

scelli (banned) to Snowy

Member

to Snowy
said by Snowy:

...is the tweeter's interpretation of Lenovo's

Didn't see that link with the "tweets" and probably would have ignored it anyway as I don't do the tweeting thing. The comments displayed are yet another classic example as to why I don't get involved with social media like Twitter, Facebook and others of their ilk by the way: one half of those expressing their opinion apparently are being judicially cautious of the peaches-and-cream mea culpa statement by Lenovo and rightfully so in my opinion. The other half want to elevate Lenovo practically to sainthood for their stunning turnaround in support of computer users everywhere after such a naughty faux pas...or so it would seem on the surface.

Talk is cheap as a number of us here are more than aware.
dave
Premium Member
join:2000-05-04
not in ohio

dave to Snowy

Premium Member

to Snowy
Ah, yes: "essential software" was not used in the Lenovo statement, only in the Twit link that siljaline posted. My error.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline to Link Logger

Premium Member

to Link Logger
Issues fix to remove crapware's certificate from the browser's repository
quote:
Mozilla has released an update to Firefox that erases the self-signed digital certificate implanted by Superfish, the vulnerable adware that blew up in Lenovo's face a week and a half ago.
»www.computerworld.com/ar ··· fox.html

»twitter.com/gkeizer/stat ··· 00068353
siljaline

1 recommendation

siljaline to Link Logger

Premium Member

to Link Logger
Ed Bott makes a valid statement and point here!
quote:
Is it time to force PC makers to disclose how much they make from crapware?
»www.zdnet.com/article/is ··· ing-act/
siljaline

1 recommendation

siljaline to Link Logger

Premium Member

to Link Logger
Conn. AG launches Lenovo-Superfish 'crapware' probe | Asks companies to provide information in 20 days about contracts, 'financial arrangements,' testing, much more.
quote:
Three days after Chinese computer maker Lenovo promised to flush "crapware" from its consumer PCs, Connecticut's state attorney general announced a probe into the company's practice of bundling adware. [...]
»www.computerworld.com/ar ··· obe.html

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB to scelli

Premium Member

to scelli
said by scelli:

This should eliminate what our industry calls "adware" and "bloatware".


So what are the new adjectives now for "adware" and "bloatware"?
NOYB

NOYB to Link Logger

Premium Member

to Link Logger

Something even more insidious is on the way to your next new computer. Like such capabilities being embedded into essential system software, drivers, and hardware, etc.