Lenovo Installed Malicious Adware on Customers’ Computers – Here’s How to Remove it

How-to-Remove-ZenSearch.com_[1]When Sony was caught in 2005 using audio CDs to install rootkits on their customers' computers, they set a new standard for boneheaded attacks on the people who give you money.

This week Lenovo met the Sony rootkit standard, and exceeded it. The Chinese gadget maker has been caught installing adware in the laptops it has been selling in the US and elsewhere.

TNW reported early this morning that numerous users on the lenovo support forums were seeing spurious ads mixed into Google search results and other sites. The ads had shown up as early as June and September 2014, but the story didn't break until this week.

To put it simply, Lenovo was doing to their customers what someone (my previous webhost, I think) did to my blog. In this case the adverts were being injected by a piece of adware called Superfish, which several victims identified as having been installed by Lenovo before they bought the laptops.

That's the bad news; here's the worse news.

According to security researchers, Superfish didn't just inject ads into a user's browsing sessions; it was "designed to intercept all encrypted connections, things it shouldn't be able to see". Not only that, the adware was so poorly written that it introduced the same security hole on to all infected computers, thus giving enterprising and malicious hackers an easy opportunity to subvert millions of computers with a single trick.

banksy-big_2881507c[1]

And just to be clear folks, this security hole is the kind of thing which app developers and OS developers work strenuously to remove and repair - and Lenovo introduced one just so it could sell advertising.

After denying the severity and trying to talk around the problem, Lenovo finally admitted to the issue and posted instructions on how to remove the ap and repair the security hole.

They also shared a list of affected computers. Hopefully it is complete:

  • G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
  • U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
  • Y Series: Y430P, Y40-70, Y50-70
  • Z Series: Z40-75, Z50-75, Z40-70, Z50-70
  • S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
  • Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
  • MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
  • YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
  • E Series: E10-30

You can find the instructions to remove the adware in this PDF.

Luckily for me, my two-year-old Lenovo laptop was made before Lenovo started attacking its customers, so I don't have to worry about about Superfish.

I also know my next laptop won't be at risk, because it sure as hell won't be made by Lenovo.

TNW

images via The TelegraphSpyware Removers

About Nate Hoffelder (11598 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

12 Comments on Lenovo Installed Malicious Adware on Customers’ Computers – Here’s How to Remove it

  1. I avoid all brands from China when I buy computers/tablets/mobile phones etc. I don’t want to increase my chance of being monitored.

  2. Wow, and I thought the TVs from Samsung that could hear what people watching it were saying, and reporting it back to the company, was bad enough.

    Yep. No products from these guys for me either. Thanks!

  3. I’m starting to think the best PCs to buy are the Signature series from the Microsoft Store: clean, OS-only systems.
    Either that or build your own, for desktops and servers.

  4. 🙂

    I’ll still stick w/Macs for now though.

  5. AFAIK Lenovo are the only company to still make decent keyboards with their laptops. As such, I’ll keep buying Lenovo. Spyware can be zapped. Keyboards like like rows of little rubber bubbles where te cursor keys have massive spaces around them or are too small cannot be replaced.

  6. Mac. Just sayin’.

    And if you’re a writer, there’s an added bonus: with a Mac, you can upload your books directly for sale on iBooks and avoid paying an aggregator like Direct2Digital or Smashmargins a % of every sale. Sell enough books on Apple, and that % you save will buy your next Mac for you. 🙂

2 Trackbacks & Pingbacks

  1. Security Software Found With Superfish-Style Security Holes ⋆ Ink, Bits, & Pixels
  2. Google Kills 200 Ad-Injecting Chrome Extensions, Says a Third Were Malware ⋆ Ink, Bits, & Pixels

Leave a comment

Your email address will not be published.


*