{"id":46268,"date":"2022-04-20T14:42:09","date_gmt":"2022-04-20T14:42:09","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33350\/Hackers-Can-Infect-Over-100-Lenovo-Models-With-Unremovable-Malware.-Are-You-Patched.html"},"modified":"2022-04-20T14:42:09","modified_gmt":"2022-04-20T14:42:09","slug":"hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/","title":{"rendered":"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched?"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/Lenovo-Yoga-Slim-9i_Front_Facing_conv-5-800x600.jpg\" alt=\"Promotional image of notebook computer.\"><figcaption class=\"caption\">\n<div class=\"caption-text\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/Lenovo-Yoga-Slim-9i_Front_Facing_conv-5.jpg\" class=\"enlarge-link\" data-height=\"1500\" data-width=\"2000\">Enlarge<\/a> <span class=\"sep\">\/<\/span> This is the 14-inch variant of the Yoga Slim 9i, with leather finish.<\/div>\n<\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a title=\"66 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2022\/04\/bugs-in-100-lenovo-models-fixed-to-prevent-unremovable-infections\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">93<\/span> <span class=\"visually-hidden\"> with 66 posters participating<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p> <!-- cache hit 24:single\/related:8c1c66d4709ebac55185de3df34b81fa --><!-- empty --><\/p>\n<p>Lenovo has released security updates for more than 100 laptop models to fix critical vulnerabilities that make it possible for advanced hackers to surreptitiously install malicious firmware that can be next to impossible to remove or, in some cases, to detect.<\/p>\n<p>Three vulnerabilities affecting more than 1 million laptops can give hackers the ability to modify a computer\u2019s UEFI. Short for <a href=\"https:\/\/en.wikipedia.org\/wiki\/Unified_Extensible_Firmware_Interface\">Unified Extensible Firmware Interface<\/a>, the UEFI is the software that bridges a computer\u2019s device firmware with its operating system. As the first piece of software to run when virtually any modern machine is turned on, it\u2019s the initial link in the security chain. Because the UEFI resides in a flash chip on the motherboard, infections are difficult to detect and even harder to remove.<\/p>\n<h2>Oh, no<\/h2>\n<p>Two of the vulnerabilities\u2014tracked as CVE-2021-3971 and CVE-2021-3972\u2014reside in UEFI firmware drivers intended for use only during the manufacturing process of Lenovo consumer notebooks. Lenovo engineers inadvertently included the drivers in the production BIOS images without being properly deactivated. Hackers can exploit these buggy drivers to disable protections, including UEFI secure boot, BIOS control register bits, and protected range register, which are baked into the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Serial_Peripheral_Interface\">serial peripheral interface<\/a> (SPI) and designed to prevent unauthorized changes to the firmware it runs.<\/p>\n<p>After discovering and analyzing the vulnerabilities, researchers from security firm ESET found a third vulnerability, CVE-2021-3970. It allows hackers to run malicious firmware when a machine is put into system management mode, a high-privilege operating mode typically used by hardware manufacturers for low-level system management.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>\u201cBased on the description, those are all pretty \u2018oh no\u2019 sorts of attacks for sufficiently advanced attackers,\u201d Trammel Hudson, a security researcher specializing in firmware hacks, told Ars. \u201cBypassing SPI flash permissions is pretty bad.\u201d<\/p>\n<p>He said the severity may be lessened by protections such as BootGuard, which is designed to prevent unauthorized people from running malicious firmware during the boot process. Then again, researchers in the past have uncovered critical vulnerabilities that subvert BootGuard. They include a <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/11\/intel-patches-high-severity-bugs-protecting-lost-stolen-or-confiscated-pcs\/\">trio of flaws<\/a> discovered by Hudson in 2020 that prevented the protection from working when a computer came out of sleep mode.<\/p>\n<h2>Creeping into the mainstream<\/h2>\n<p>While still rare, so-called SPI implants are growing more common. One of the Internet\u2019s biggest threats\u2014a piece of malware known as Trickbot\u2014in 2020 began incorporating a driver into its code base that allows people to <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/12\/dangerous-uefi-malware-is-rare-a-botnet-called-trickbot-may-change-that\/\">write firmware into virtually any device<\/a>.<br \/>\nThe only two other documented cases of malicious UEFI firmware being used in the wild are <a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/10\/first-uefi-malware-discovered-in-wild-is-laptop-security-software-hijacked-by-russians\/\">LoJax<\/a>, which was written by the Russian state hacker group known under multiple names, including Sednit, Fancy Bear, or APT 28. The second instance was UEFI malware that security firm <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/10\/custom-made-uefi-bootkit-found-lurking-in-the-wild\/\">Kaspersky discovered on diplomatic figures&#8217; computers in Asia<\/a>.<\/p>\n<p>All three of the Lenovo vulnerabilities discovered by ESET require local access, meaning that the attacker must already have control over the vulnerable machine with unfettered privileges. The bar for that kind of access is high and would likely require exploiting one or more critical other vulnerabilities elsewhere that would already put a user at considerable risk.<\/p>\n<p>Still, the vulnerabilities are serious because they can infect vulnerable laptops with malware that goes well beyond what\u2019s normally possible with more conventional malware. Lenovo has a list <a href=\"https:\/\/support.lenovo.com\/us\/en\/product_security\/LEN-73440#Lenovo%20Notebook\">here<\/a> of more than 100 models that are affected.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33350\/Hackers-Can-Infect-Over-100-Lenovo-Models-With-Unremovable-Malware.-Are-You-Patched.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":46269,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[6247],"class_list":["post-46268","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwareflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-20T14:42:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/Lenovo-Yoga-Slim-9i_Front_Facing_conv-5-800x600.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched?\",\"datePublished\":\"2022-04-20T14:42:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/\"},\"wordCount\":589,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg\",\"keywords\":[\"headline,hacker,malware,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/\",\"name\":\"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg\",\"datePublished\":\"2022-04-20T14:42:09+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg\",\"width\":800,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwareflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-04-20T14:42:09+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/Lenovo-Yoga-Slim-9i_Front_Facing_conv-5-800x600.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched?","datePublished":"2022-04-20T14:42:09+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/"},"wordCount":589,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg","keywords":["headline,hacker,malware,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/","url":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/","name":"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg","datePublished":"2022-04-20T14:42:09+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched.jpg","width":800,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware-are-you-patched\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwareflaw\/"},{"@type":"ListItem","position":3,"name":"Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware. Are You Patched?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46268","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46268"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46268\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/46269"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46268"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46268"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46268"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}