On Friday night, cryptocurrency scammers briefly compromised the LEGO website to advertise a fake LEGO token that could be purchased with Ethereum.
During the breach, the hackers swapped out the official site’s main banner with an image of crypto tokens featuring the LEGO logo, accompanied by the message, “Our new LEGO Coin is officially out! Buy the new LEGO Coin today and unlock secret rewards!”
LEGO Reddit moderator “mescad” reported that the breach occurred at 9 PM EST and lasted for approximately 75 minutes, with the site being restored by 10:15 PM ET.
Unlike typical cryptocurrency scams that link to malicious sites designed to drain users’ crypto wallets, this scam directed visitors to the Uniswap platform, where the fake LEGO token could be purchased with Ethereum.
Image: Website hacked to promote crypto scam. Source: mescad
LEGO confirmed the breach to BleepingComputer but declined to provide specific details about how the attackers gained access to their website.
“On 5 October 2024, an unauthorized banner briefly appeared on LEGO.com. It was swiftly removed, and the issue has been resolved,” LEGO told BleepingComputer.
The company also said that no user accounts were compromised and that customers could continue shopping as usual. “The cause has been identified, and we are implementing measures to prevent this from happening again,” they added.
Despite the breach, the attack resulted in minimal damage, with only a few individuals purchasing the fraudulent token for a few hundred dollars.
Given LEGO’s prominence, it’s surprising that the attackers chose to use their access for a crypto scam. Website breaches of this nature are more often exploited to inject malicious JavaScript into web pages that stealthily steals customer data or credit card information.
This stolen data is frequently leveraged to extort companies for large sums, sold on darknet marketplaces, or used to make fraudulent purchases online.
Source: BleepingComputer, Lawrence Abrams