LEGO website breached, hackers abuse it to promote fraudulent cryptocurrency

Cryptocurrency scammers briefly hacked the official LEGO website to promote a fraudulent cryptocurrency token branded as a "LEGO Coin." The hackers replaced the main banner of the LEGO homepage with an advertisement promoting the fake token, claiming that buyers could unlock "secret rewards" by purchasing the token using Ethereum.

The breach, which lasted for approximately 75 minutes, was reported by LEGO Reddit moderator "mescad". During this time, visitors who clicked on the "Buy now" link were directed to the Uniswap cryptocurrency platform, where they could exchange Ethereum for the scam token.

Unlike other cryptocurrency scams that use malicious links to drain assets from users' crypto wallets, this scam simply led users to a legitimate platform but promoted a fake token.

LEGO confirmed the breach, stating that the unauthorized banner was removed, and the issue was resolved. The company emphasized that no user accounts were compromised during the attack, and customers were assured they could continue shopping safely.

LEGO did not provide details about how the attackers gained access to their website.

The attack ultimately proved unsuccessful, with only a few individuals purchasing the scam token for a total of a few hundred dollars.