The Verge reports:
Lenovo.com has been hacked. As of 4pm ET, users visiting the site saw a slideshow of disaffected youths, set to the song “Breaking Free” from High School Music. The source code for the page identified it as, “the new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey,” both of whom have been publicly identified as members of the hacker collective Lizard Squad. It’s unclear whether King and Godfrey are actually related to the hack, or if the attackers are simply using their names and photos to muddle their true identity.
By 4:26 pm ET, Lenovo’s site appeared to be functioning normally, but a tweet by @LizardCircle at 4:19 pm ET tends to suggest their involvement:
We’re breaking free! Soarin’, flyin’, there’s not a star in heaven that we can’t reach!
— Lizard Squad (@LizardCircle) February 25, 2015
The Next Web has two screenshots from the slideshow and notes that clicking on the slides redirected to Lizard Twitter account.
Update: The Register reports:
The domain’s nameserver settings were updated today to point at CloudFlare’s systems; lenovo.com now resolves to 104.27.188.198 here in our office. This suggests some shenanigans with DNS rather than a full-scale corporate compromise.
They also point out that an image of an email uploaded to LizardSquad’s Twitter account suggests that LizardSquad may have gotten control of Lenovo’s email as well as the DNS. There have actually been two such tweets within the past hour:
Sorry Tim, that’s Junk apparently pic.twitter.com/44GdpvBYm9
— Lizard Squad (@LizardCircle) February 25, 2015
and
Superfish removal bricks some devices? Great work Lenovo pic.twitter.com/phXiBS3KzO
— Lizard Squad (@LizardCircle) February 25, 2015
And as of 5:13 pm ET, the Lenovo server isn’t responding when I try to access the site. It’s either being hit hard by everyone trying to see what’s going on, or they’ve suddenly realized the significance of the tweeted emails.