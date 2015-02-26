Feb 25 China's Lenovo Group Ltd
website was hacked, the company said on Wednesday, days after
the U.S. government advised Lenovo customers to remove a
pre-installed virus-like software, "Superfish", on laptops that
makes the devices more vulnerable to attacks.
Hacking group Lizard Squad claimed to be behind the attacks,
according to its Twitter page.
Lizard Squad has taken credit for several high-profile
outages, including attacks that took down Sony Corp's
PlayStation Network and Microsoft Corp's Xbox Live
network last month. Members of the group have not been
identified.
"The domain name service server hosting Lenovo's website was
hacked. We do not have any further information at this time to
share. We'll update as soon as possible," Lenovo said in a
statement to Reuters.
San Francisco-based security firm CloudFlare said hackers
transferred the domain to CloudFlare in order to point it to a
defacement site.
"As soon as we at CloudFlare noticed, we seized the account
and worked with Lenovo to restore service while they worked to
recover their domain," Marc Rogers, Principal Security
Researcher at CloudFlare, said in an email to Reuters.
Starting 4 p.m. ET (2100 GMT) on Wednesday, visitors to the
Lenovo website saw a slideshow of young people looking into
webcams and the song "Breaking Free" playing in the background,
according to The Verge, which first reported the breach. (bit.ly/1ERn9aO)
"We're breaking free! Soarin', flyin', there's not a star in
heaven that we can't reach!," Lizard Squad posted on its Twitter
page, quoting the song from the movie "High School Musical". (bit.ly/1DrLdBk)
The hackers also posted a couple of screenshots of an email
between Lenovo employees regarding the "Superfish" software.
The Department of Homeland Security said in an alert on
Friday that the "Superfish" program makes users vulnerable to a
type of cyberattack known as SSL spoofing, in which remote
attackers can read encrypted web traffic, redirect traffic from
official websites to spoofs, and perform other attacks.
Rogers also said CloudFlare was able to restore service
before Lenovo recovered the domain, suggesting that the outage
was probably "quite small".
However, Lenovo's website was inaccessible at 7:54 p.m. ET
(0054 GMT). A message said the site was unavailable due to
system maintenance.
(By Devika Krishna Kumar in Bangaluru and Gerry Shi in Beijing;
Additional reporting by Rohit T. K. in Bengaluru; Editing by Ken
Wills)