Lenovo’s startpage served Teslacrypt ransomware

[Batu69]

 

Lenovo’s startpage served malicious code that tried to infect visitors with ransomware. The affected page is startpage.lenovo.com which contains news, weather information and games. According to the Finnish security company F-Secure the page served malware last Sunday, the 13th of March.

 

Users were silently redirected to an Angler exploit kit that tried to infect users with Teslacrypt ransomware by exploiting known vulnerabilities in Adobe Flash, Internet Explorer and Silverlight. Visitors to the site with unpatched versions of those applications could be infected with the Teslacrypt ransomware which encrypts files and then demands ransom to decrypt them.

 

It’s not the first time Lenovo is in the news for malware, the company was caught installing rootkits, it’s update tool contained a serious backdoor and some laptops were shipped with pre-installed advertisement injecting adware

 

Article source

[straycat19]

Lenovo, official computer of idiots and morons.  There has to be a reason why they are not allowed on our secure networks and the reasons just keep coming.