Lenovo Caught Pre-Installing Spyware on their Machines Yet Again

2

If Lenovo pre-installing spyware on their last generation of machines wasn’t enough, they’re back in the news again, and for yet again the same thing, selling machines with pre-installed spyware. The Chinese technology conglomerate has been caught installing a piece of software on a number of refurbished notebooks that is automatically programmed to send user feedback data to Lenovo servers. However, upon further inspection of this seemingly-harmless software, a third-marketing and web analytic firm is behind it.

As per many user reports, the company ships all factory refurbished laptops with a program called “Lenovo Customer Feedback Program 64,” which is programmed to run every day. According to the Chinese computer company, Lenovo Customer Feedback Program 64 “uploads Customer Feedback Program data to Lenovo.”

When analyzing the program, Michael Horowitz of Computerworld found specific software files in the folder of the customer feedback program labeled: “Lenovo.TVT.CustomerFeedback.Agent.exe.config, Lenovo.TVT.CustomerFeedback.InnovApps.dll, and Lenovo.TVT.CustomerFeedback.OmnitureSiteCatalyst.dll.” Horowitz continued, adding that Omniture, as mentioned in one of the .dll files, is an online marketing and web analytic firm owned by Adobe, suggesting the laptops are heavily tracking and monitoring user activity.

pia red

Lenovo, the largest PC vendor in the market added on its support website that their line of machines may include software components that automatically communicate with their servers through the Internet. These line of applications could presumably be found on every ThinkCentre, ThinkStation, and ThinkPad machine. As per the company website, Lenovo listed a couple of the applications that can be found installed on their line of machines, including Lenovo.TVT.CustomerFeedback.Agent.exe.config.

As we pointed out earlier, this isn’t the first time Lenovo has been caught shipping machines with what appears to be pre-installed spyware monitoring customers, it isn’t even the company’s second time. Earlier this year Lenovo was caught shipping machines with a pre-installed piece of software dubbed SuperFish. The software compromised the machines encryption certificate to quietly inject more advertisements into websites. Then again in August, Lenovo was caught secretly downloading and installing software on their Windows PCs. The program would modify the BIOS to force the computer to download its program upon each login.

It’s been a bad year for Lenovo, especially since this is a directly the company’s fault and could have been avoided at all costs.

[Photo via Photozou (CC BY 2.5)]

About Author

Brandon Stosh is the founder and CEO of www.freedomhacker.net. Stosh is a cyber security researcher and professional consultant who strives to provide reliable news on cyber-security based topics.

2 Comments

    • Hi Ivrek, seeing as it is a program installed on the computer, yes, a fresh hard drive wipe should do it. However, it this is installed within the BIOS, as one of their last updates, then a simple wipe won’t fix this problem. However, seeing as it only mentions the program, a full hard drive wipe should clean this off.

      Please let us know if this helps and if you need any more assistance feel free to comment!

Leave A Reply

Send this to friend