Lenovo Installed Malicious Adware on Customers' Computers – Here’s How to Remove it
When Sony was caught in 2005 using audio CDs to install rootkits on their customers' computers, they set a new standard for boneheaded attacks on the people who give you money.
This week Lenovo met the Sony rootkit standard, and exceeded it. The Chinese gadget maker has been caught installing adware in the laptops it has been selling in the US and elsewhere.
TNW reported early this morning that numerous users on the lenovo support forums were seeing spurious ads mixed into Google search results and other sites. The ads had shown up as early as June and September 2014, but the story didn’t break until this week.
To put it simply, Lenovo was doing to their customers what someone (my previous webhost, I think) did to my blog. In this case the adverts were being injected by a piece of adware called Superfish, which several victims identified as having been installed by Lenovo before they bought the laptops.
That’s the bad news; here’s the worse news.
According to security researchers, Superfish didn’t just inject ads into a user’s browsing sessions; it was "designed to intercept all encrypted connections, things it shouldn’t be able to see". Not only that, the adware was so poorly written that it introduced the same security hole on to all infected computers, thus giving enterprising and malicious hackers an easy opportunity to subvert millions of computers with a single trick.
And just to be clear folks, this security hole is the kind of thing which app developers and OS developers work strenuously to remove and repair – and Lenovo introduced one just so it could sell advertising.
They also shared a list of affected computers. Hopefully it is complete:
- G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
- U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
- Y Series: Y430P, Y40-70, Y50-70
- Z Series: Z40-75, Z50-75, Z40-70, Z50-70
- S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
- Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
- MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
- YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
- E Series: E10-30
You can find the instructions to remove the adware in this.
Luckily for me, my two-year-old Lenovo laptop was made before Lenovo started attacking its customers, so I don’t have to worry about about Superfish.
I also know my next laptop won’t be at risk, because it sure as hell won’t be made by Lenovo.