HomeNewsCrypto ScamsLEGO Website Hacked to Shill Crypto Scam, Removes Scam Link and Banner...

LEGO Website Hacked to Shill Crypto Scam, Removes Scam Link and Banner From Homepage

-

Hackers took over LEGO’s website to promote a “LEGO Coin” scam, but the company reacted in about 75 minutes to take it down.

Toy company LEGO’s website was hacked on October 5 to shill a crypto scam. The scammers manipulated the homepage banner to promote ‘LEGO Coin’–a token the company does not offer. It has not launched any token or expressed plans to do so.

The homepage read, “Our new LEGO Coin is officially out! Buy the LEGO Coin today and unlock secret rewards!” However, the company regained access to remove the scam not too long after it showed up.

Hacked Lego Homepage

Source: The Brick Fan

An X user, going by ZTBricks, pointed out the scam, “Hey @LEGO_Group someone popped your site and changed the main page! It directs to a crypto site to an account that is almost definitely not you guys!”

The scam was accompanied by a “Buy Now” button that took anyone who clicked to a phishing site. LEGO has not released a direct statement through any of its official channels thus far. Nevertheless, the banner was changed to its older version, showcasing the company’s Fortnite collaboration.

LEGO spoke to tech publication Engadget to relay that “no user accounts were compromised and that it has identified the cause of the issue.” It also told the publication that it would work on preventing such occurrences in the future but denied mentioning the cause of the issue.

Its communication with Engadget read:

“On 5 October 2024 (October 4 evening in the US), an unauthorised banner briefly appeared on LEGO.com. It was quickly removed, and the issue has been resolved. No user accounts have been compromised, and customers can continue shopping as usual. The cause has been identified and we are implementing measures to prevent this from happening again.”

LEGO Addressed the Incident in 75 Minutes

A moderator for the LEGO subreddit mentioned that the scam was taken off the website about 75 minutes after it appeared. The scammers made the changes at 1:00 AM UTC on October 5, which means it occurred at 3:00 AM at Billund, Denmark, where LEGO’s headquarters is situated.



FOLLOW US

Upcoming Events

Most Popular