Lenovo website hack redirects users days after adware blunder

BEIJING — Lenovo Group’s website was hijacked and visitors were redirected to another site, less than a week after the company was criticised for pre-installing advertising software on consumer laptops that exposed users to hacking.

The company said it had restored some functionality to the site. Customers reported a breach in which they saw videos of young people looking into webcams, with the song Breaking Free from the movie High School Musical playing in the background.

Some employee emails were also leaked.

Hacking group Lizard Squad claimed responsibility for the attacks, the group said on its Twitter page. The group has taken credit for several high-profile outages, including attacks that took down Sony’s PlayStation Network and Microsoft’s Xbox Live network last month.

The hackers took over Lenovo’s site apparently by altering the records with the domain-name registrar used by the company, said Mr Matthew Prince, co-founder and chief executive officer of CloudFlare, a San Francisco security company.

“One effect of this attack was to redirect traffic from the Lenovo website,” Lenovo said in a statement. “We are also actively investigating other aspects. We are responding and have already restored certain functionality to our public-facing website.”

The Beijing-based company said it was reviewing network security and will take appropriate steps to bolster the site and protect user data.

Last week, the world’s largest PC maker apologised to customers and pushed out fixes to remove software made by a company called Superfish.

The software, pre-installed by Lenovo on many consumer devices, was able to monitor Web behaviour and suggest advertisements based on images that a user might be viewing.

The technology essentially broke the encryption between Web browsers and sites that handle sensitive information, such as banking and e-commerce, potentially exposing machines to hacking. Agencies