The website of PC maker Lenovo has been hijacked a week after the company was forced to apologise for pre-installing adware on its consumer PCs that was condemned for insecurity.
The company’s Lenovo.com website DNS entry was tampered with, redirecting users to images of a bored teenager in what looks like a wig, presumably surreptitiously taken from their laptop’s webcam, together with a sound track – “Breaking Free” from the movie High School Musical, according to reports. Internal company emails were also intercepted in the attack, according to Lenovo.
The hijacking was similar to the one perpetrated by the same group last week against Google’s Vietnamese website, with the company’s Lenovo.com DNS entry redirected to a Lizard Squad website instead.
“Someone has screwed up, and allowed Lenovo’s DNS entry to be messed with by an unauthorised party, redirecting any legitimate traffic it might have been receiving to a third-party webpage,” explained independent security commentator Graham Cluley.
He continued: “Unfortunately, this website hijacking may not be the last of Lenovo’s troubles. Lizard Squad has been tweeting images of emails apparently sent from public relations staff to Lenovo’s management, about the DNS hijacking.”
Lenovo claims that it restored normal service after several hours last night. “We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information,” it said in a statement.
Lizard Squad has claimed responsibility for a number of high-profile cyber attacks in recent years, including attacks that took down Sony’s PlayStation Network and Microsoft’s rival Xbox Live network last month.