Malicious code on Lenovo driver download page - Update

[Peaches]

Malicious code on Lenovo driver download page - Update

The driver download portal of hardware manufacturer Lenovo temporarily deployed malicious code. Various virus scanners issued alerts about a Java-based Trojan downloader or dropper. The iframe injected by attackers points to the volgo-marun.cn server and can still be found on several pages of the download.lenovo.com server.

However, the injected links to the Chinese server are now pointing to a non-existent target, so there is no longer an immediate threat. The Firefox and Chrome web browsers have also started to warn their users about accessing this server. Since Lenovo doesn't appear to have responded, the security hole may still be open, which would potentially allow attackers to deploy updated iframe links on the download pages at any time.

http://www.h-online.com/security/news/item/Malicious-code-on-Lenovo-driver-download-page-Update-1025886.html