LEGO Website Hacked By Scammers Promoting Fake ‘LEGO Coin’
Screenshot of cached copy of LEGO.com via Internet Archive
Visitors to LEGO’s official website on October 4 were greeted by something far from fun—a fraudulent cryptocurrency scam. Cybercriminals managed to briefly hijack the site, promoting a fake “LEGO Coin” with promises of exclusive rewards for early buyers.
A rogue, AI-generated banner published on the homepage linked users to an external site where they could purchase so-called “LEGO Tokens” using Ethereum, attempting to dupe fans of the beloved brand into parting with their money.
LEGO site was hacked last night by crypto scammers.
— Godfather (@CryptoGodfatha) October 5, 2024
Careful out there. pic.twitter.com/ONzC6whr0n
The dubious activity didn’t go unnoticed for long. Users on the r/LEGO community raised the alarm on the abnomaly, which likely prevented many others from falling victim to the unauthorized scheme.
The toymaker quickly down the content and restored the site, reassuring fans in a statement to Engadget that “no accounts have been compromised” during the breach and that steps were being taken to strengthen security of the website.
â€¼ï¸ PSA !! LEGO dot com hacked. First thing that appears is a fake AI crypto banner.
— Mike | The Cool Factor (@MichalRytter) October 5, 2024
DO NOT order any sets, DO NOT click on anything, DO NOT make any payments until LEGO makes an official statement that this is resolved. Password change later on is also advised. pic.twitter.com/dYraMimnNO
[via The Brick Fan and Engadget, images via various sources]
