Missouri AG sues computer company after federal settlement

Missouri’s attorney general is suing a computer hardware company after it settled a federal dispute over security flaws in its products.

The petition claims Lenovo, Inc. misled users of its laptops in 2014 about software pre-loaded onto the machines. The software, called VisualDiscovery and created by Superfish, would work as a proxy between the computer and the internet sites visited, transmit the user’s personal information to Superfish and inject pop-up ads on the computer based on their browsing history.

The lawsuit claims that for encrypted websites, VisualDiscovery would replace those digital certificates with its own self-signed certificate. This put the users at risk of being hacked, the lawsuit said, since the browser would not warn the user of a potentially dangerous site.

Lenovo settled a case with the Federal Trade Commission on Tuesday over the same issue. Lenovo agreed to 20 years of security audits on its products, but will not have to pay a fine.

“VisualDiscovery software…was installed on hundreds of thousands of Lenovo laptops,” The FTC said in a news release. “It delivered pop-up ads from the company’s retail partners whenever a user’s cursor hovered over a similar looking product on a website.”

Hawley’s lawsuit is asking the court order Lenovo pay restitution and civil penalties.