Lenovo to Purge Adware From New PCs After Superfish Controversy

Lenovo Group Ltd. said it will no longer pre-install advertising software on its PCs, a week after the world’s biggest computer maker apologized for including adware on consumer laptops that exposed users to hacking.

“Our goal is clear: To become the leader in providing cleaner, safer PCs,” the Beijing-based company said in an e-mailed statement Friday.

The factory-installed software on Lenovo PCs will in future include only the operating system, security products, Lenovo applications and related software needed to make the hardware operate properly, the company said.

“This should eliminate what our industry calls ’adware’ and ’bloatware,’” Lenovo said.

Lenovo on Feb. 20 apologized to customers for pre-installing software that potentially exposed them to hacking attacks and unauthorized activity monitoring. The biggest maker of personal computers said at that time that it was a mistake to have the software, made by a company called Superfish, included on Lenovo’s machines.

The company was criticized by cyber-security specialists for Superfish’s ability to monitor Web behavior and suggest advertisements based on images that a user might be viewing. The technology used by Superfish breaks the encryption between Web browsers and banking, e-commerce and other sites that handle sensitive information, potentially exposing machines to hacking.

The software was included on some models of consumer laptops sold worldwide between September and December and was turned off in January after user complaints, Lenovo said earlier.

Site Hijacked

Less than a week after the issue with Superfish, Lenovo’s website was hijacked and users were redirected to another site with videos of young people looking into Web cameras, with the song “Breaking Free” from the movie “High School Musical” playing in the background. Some employee e-mails were also leaked by a hacking group called the Lizard Squad, according to postings on Twitter.

The hackers may have taken over Lenovo’s site by altering the records with the domain-name registrar used by the company, according to Matthew Prince, co-founder and chief executive officer of CloudFlare Inc., a San Francisco security company.

After the attack on its website, Lenovo said Feb. 26 that it was reviewing network security and would take appropriate steps to bolster the site and protect user data.

— With assistance by Edmond Lococo, and Jordan Robertson

Before it's here, it's on the Bloomberg Terminal.