Earlier this year, laptop manufacturer Lenovo got in hot water when it came out that it was pre-installing spyware on its systems. Called Superfish, the program spied on your Internet browsing and injected relevant ads into your browser. Even worse, it was easy for hackers to hijack.
After a major customer backlash, Lenovo released a tool to uninstall Superfish and claimed that it had stopped installing it. Now Lenovo is back in the news with another pre-installed bit of software worse than Superfish.
It's called the Lenovo Service Engine, and it hides out in the BIOS/UEFI of Lenovo laptops. As a reminder, a rootkit is a program, usually a virus, that loads before Windows does. That makes it nearly impossible for security software to detect it or remove it.
In the case, Lenovo's rootkit was there to make sure Lenovo computers have a program called OneKey Optimizer. If the software did get uninstalled, LSE would recreate it, even if the laptop owner wiped their hard drive and installed a fresh copy of Windows.
What turns this from a shady tactic to a disaster is the way LSE works. When it gets updates, it doesn't use an encrypted Internet connection. Hackers who could intercept the connection could use it to install anything on your computer they wanted. That's the bad news.