Lenovo.com has been hacked. Starting at 4PM ET, users visiting the site saw a slideshow of disaffected youths, set to the song "Breaking Free" from High School Musical. At 4:17, the site seemed to have reverted to its normal self, although HTML problems persist and in some instances, the song continued to play in the background. The hacked version has reappeared intermittently as cached versions work through the system, although by 5:30pm, the site appeared to be back to normal.
The source code for the hacked page identified it as, "the new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey," both of whom have been publicly identified as members of the hacker collective Lizard Squad. It's unclear whether King and Godfrey are actually related to the hack, or if the attackers are simply using their names and photos to muddle their true identity.
"The new and improved rebranded Lenovo website."
The hack comes on the heels of a wave of public criticism of Lenovo, after the company bundled computers with an encryption-breaking adware program known as Superfish. Lenovo eventually released a program to remove the software and restore affected users, but the debacle left many users unhappy with the company. That lingering mistrust may have contributed to the attack.
There's your problem, @lenovo. pic.twitter.com/H4uIstGnoe— Jonathan Zdziarski (@JZdziarski) February 25, 2015
The attackers seem to have hijacked Lenovo's domain record, an attack that would have given them the power to redirect the lenovo.com url to a new server under their control. The attack targets entirely external infrastructure, similar to the Syrian Electronic Army's attacks against Twitter and The New York Times in 2013. As a result, there's no reason to believe the attackers have breached Lenovo's internal network. Still, it's an embarrassing incident for the company, particularly on the heels of security concerns over Superfish.