Lenovo Installed Malicious Adware on Customers’ Computers – Here’s How to Remove it

Lenovo Installed Malicious Adware on Customers' Computers - Here's How to Remove it Advertising Security & Privacy When Sony was caught in 2005 using audio CDs to install rootkits on their customers' computers, they set a new standard for boneheaded attacks on the people who give you money.

This week Lenovo met the Sony rootkit standard, and exceeded it. The Chinese gadget maker has been caught installing adware in the laptops it has been selling in the US and elsewhere.

TNW reported early this morning that numerous users on the lenovo support forums were seeing spurious ads mixed into Google search results and other sites. The ads had shown up as early as June and September 2014, but the story didn't break until this week.

To put it simply, Lenovo was doing to their customers what someone (my previous webhost, I think) did to my blog. In this case the adverts were being injected by a piece of adware called Superfish, which several victims identified as having been installed by Lenovo before they bought the laptops.

That's the bad news; here's the worse news.

According to security researchers, Superfish didn't just inject ads into a user's browsing sessions; it was "designed to intercept all encrypted connections, things it shouldn't be able to see". Not only that, the adware was so poorly written that it introduced the same security hole on to all infected computers, thus giving enterprising and malicious hackers an easy opportunity to subvert millions of computers with a single trick.

Lenovo Installed Malicious Adware on Customers' Computers - Here's How to Remove it Advertising Security & Privacy

And just to be clear folks, this security hole is the kind of thing which app developers and OS developers work strenuously to remove and repair - and Lenovo introduced one just so it could sell advertising.

After denying the severity and trying to talk around the problem, Lenovo finally admitted to the issue and posted instructions on how to remove the ap and repair the security hole.

They also shared a list of affected computers. Hopefully it is complete:

  • G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
  • U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
  • Y Series: Y430P, Y40-70, Y50-70
  • Z Series: Z40-75, Z50-75, Z40-70, Z50-70
  • S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
  • Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
  • MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
  • YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
  • E Series: E10-30

You can find the instructions to remove the adware in this PDF.

Luckily for me, my two-year-old Lenovo laptop was made before Lenovo started attacking its customers, so I don't have to worry about about Superfish.

I also know my next laptop won't be at risk, because it sure as hell won't be made by Lenovo.

TNW

images via The TelegraphSpyware Removers

Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader: He's here to chew bubble gum and fix broken websites, and he is all out of bubble gum. He has been blogging about indie authors since 2010 while learning new tech skills at the drop of a hat. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.

14 Comments

  1. R19 February, 2015

    I avoid all brands from China when I buy computers/tablets/mobile phones etc. I don’t want to increase my chance of being monitored.

    Reply
  2. Felipe Adan Lerma20 February, 2015

    Wow, and I thought the TVs from Samsung that could hear what people watching it were saying, and reporting it back to the company, was bad enough.

    Yep. No products from these guys for me either. Thanks!

    Reply
  3. fjtorres20 February, 2015

    I’m starting to think the best PCs to buy are the Signature series from the Microsoft Store: clean, OS-only systems.
    Either that or build your own, for desktops and servers.

    Reply
    1. Nate Hoffelder20 February, 2015

      Dammit Lenovo, why’d you have to go and make Microsoft look good?

      Reply
      1. fjtorres20 February, 2015

        MS has always been against crapware.
        They only allow it because of the antitrust settlement forces them.

        Reply
  4. Felipe Adan Lerma20 February, 2015

    🙂

    I’ll still stick w/Macs for now though.

    Reply
  5. anothername20 February, 2015

    AFAIK Lenovo are the only company to still make decent keyboards with their laptops. As such, I’ll keep buying Lenovo. Spyware can be zapped. Keyboards like like rows of little rubber bubbles where te cursor keys have massive spaces around them or are too small cannot be replaced.

    Reply
    1. fjtorres20 February, 2015

      Microsoft store carries some Lenovo models 😀

      Reply
    2. Nate Hoffelder20 February, 2015

      I hated – and I mean hated – the KB on my lenovo u410. It was so horribly designed that it was unusable, and the trackpad was worse.

      Reply
  6. Paul Draker21 February, 2015

    Mac. Just sayin’.

    And if you’re a writer, there’s an added bonus: with a Mac, you can upload your books directly for sale on iBooks and avoid paying an aggregator like Direct2Digital or Smashmargins a % of every sale. Sell enough books on Apple, and that % you save will buy your next Mac for you. 🙂

    Reply
    1. Nate Hoffelder21 February, 2015

      Well, some of us can’t afford to pay the Apple tax. 😉

      Reply
  7. […] Lenovo was caught last week in the process of corrupting its customers safety and security in the name of selling ads, I […]

    Reply
  8. […] may have backtracked from using a dangerously unsafe ad injector to make a few extra dollars off of its customers, but they weren't the only bad actor out […]

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top