Weitz & Luxenberg to Probe Lenovo Superfish Malware Damage Claims

| From
Photo: Toxic Tort

NEW YORK, N.Y., Feb. 24, 2015 (SEND2PRESS NEWSWIRE) -- A security expert's discovery last month that certain Lenovo laptop computers were shipped with well-concealed malware giving hackers easy access to users' most confidential information has led Weitz & Luxenberg P.C. to announce an investigation into potential legal claims against the hardware manufacturer and against the malware vendor, Superfish, the law firm today disclosed.

Weitz & Luxenberg said it plans to talk to as many Lenovo users as possible about their legal rights to compensation from both Lenovo and Superfish.

Weitz & Luxenberg said users of certain Lenovo laptops sold in the last five months could be harmed by the malware - a commercial product called VisualDiscovery - via "man-in-the-middle" attacks.

In such an attack, a hacker lurking on the Lenovo user's Wi-Fi network hijacks the laptop's internet browser to steal bank credentials, passwords and any other valuable data that might be stored on the laptop, the firm explained.

Hackers could also potentially use the laptop's own security key to certify imposter HTTPS websites - a practice known as "spoofing" - that masquerade as Bank of America, Google or any other secure destination on the Internet, Weitz & Luxenberg warned.

Superfish Creates Lenovo Super-Vulnerability:

According to a report in The New York Times published this week, Superfish's VisualDiscovery software could enable hackers to monitor and exploit everything a Lenovo user does while online.

"The tragedy is that Lenovo users have been led to believe the data they're storing on their laptops are safe and secure, when those data are anything but safe and secure," said Robin L. Greenwald, who heads Weitz & Luxenberg's Environmental, Toxic Tort & Consumer Protection Unit.

Security experts who have looked into this situation contend that only by fully wiping out the memory of a vulnerable Lenovo laptop and then installing a non-Lenovo version of Windows can a user be assured of closing the security hole created by the Superfish VisualDiscovery software.

Some computer experts said taking such a step may expose users to still more harm since fully erasing a computer's factory-installed memory and replacing it opens the door to potentially unforeseen performance glitches.

In the worst cases, these glitches can destabilize a system to the point that the user can no longer rely on it and may need to replace the entire machine, experts caution.

Slate Magazine called Lenovo's decision to pre-install the Superfish software a betrayal of its customers. Slate quoted one expert as saying he "cannot overstate how evil [Lenovo's action] is."

Weitz & Luxenberg points to other computer experts as saying that when Lenovo added the Superfish product it knew a significant security hole would be created, making the laptops easy prey for hackers.

Nine Lenovo Laptop Models Affected:

Affected are Lenovo G, U, Y, Z, S, Flex, MIIX, YOGA, and E series laptops sold between last September and this month, according to news reports.

Lenovo, the news reports continue, admits to having shipped those models with the Superfish product installed.

Slate asserts that Lenovo should have known about the problem as early as Jan. 21 when a user who discovered the vulnerability reported it to a Lenovo forum.

Greenwald said Lenovo since that time has failed to take appropriate steps to eliminate the problem.

Weitz & Luxenberg said harmed Lenovo users may be able to pursue legal action by claiming the consumer protections offered through various federal and state statutes, plus civil law.

"Consumers who have been harmed have a right to be fully compensated for their injuries," said Greenwald. "We intend to help see that justice is done for them."

About Weitz & Luxenberg:
Weitz & Luxenberg P.C. is among the nation's leading and most readily recognized personal injury law firms. Weitz & Luxenberg's numerous litigation areas include: mesothelioma, defective medicine and devices, environmental pollutants, consumer protection, accidents, personal injury, and medical malpractice. Victims of accidents are invited to rely on Weitz & Luxenberg's more than 25 years of experience handling such cases. You can contact the firm's Client Relations department at 800-476-6070 or at

More information:

News Source:
For more information regarding this press release, please visit:
Like, Share, Save this press release:
  TWEET   SHARE   G+   PIN IT   STUMBLE   LinkedIn   Instapaper   Buffer

Shortlink to this press release:
The content of the above press release was provided by the “news source” (Weitz and Luxenberg, P.C.) or authorized agency, who is solely responsible for its accuracy. Send2Press® is the originating wire service for this story and content is Copr. © 2015 Weitz and Luxenberg, P.C. with newswire version Copr. © 2015 Send2Press (a service of Neotrope). All trademarks acknowledged.

Rights granted for reproduction by any legitimate news organization. However, if news is cloned/scraped verbatim, then original attribution must be maintained with link back to this page as “original syndication source.” Resale of this content for commercial purposes is prohibited without a license. Reproduction on any site selling a competitive service is also prohibited. Information is believed accurate, as provided by news source or authorized agency, however is not guaranteed, and you assume all risk for use of any information found herein/hereupon. This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.
STORY READS for this single page only, as of Oct 26 2016:
[ count retired 8.4.16 ]

back to top
REFERENCES: Toxic Tort, Lenovo Superfish, InfoSec, man-in-the-middle attacks, Lenovo Laptop Models, VisualDiscovery, news, press release from Weitz and Luxenberg, P.C., Feb 24, 2015, Computing, Technology, Legal and Law, New York City, New York, Weitz & Luxenberg to Probe Lenovo Superfish Malware Damage Claims