LEGO's website was hacked to promote a fake cryptocurrency, misleading users into purchasing scam tokens with Ethereum.
The company quickly removed the fraudulent banner and assured customers that no accounts were compromised and that preventive measures are in place.
This incident highlights a trend where scammers exploit trusted brands to deceive victims.
In June 2024, hackers similarly compromised the Ethereum Foundation’s email, targeting nearly 36,000 subscribers, while Metallica’s official X account was used to promote a scam token, generating about $10 million in trades.
Crypto scams have grown increasingly sophisticated, with losses estimated at $1.2 billion in 2024. While LEGO has not provided specifics on how the breach occurred, it’s likely that organized groups were involved, potentially taking advantage of a misconfigured web application firewall or external service vulnerabilities.
The attack demonstrates the ongoing risks even major brands face, leaving customers concerned about the extent of the breach and the measures taken to prevent future incidents.
The scheme targeted working class individuals, promising them financial freedom.
Vietnamese police arrested five individuals tied to a cryptocurrency scam led by offshore criminals.
During the third quarter of 2024, cryptocurrency thefts surpassed $127 million, with September contributing around $46 million.
A Russian cybercrime group is reportedly leveraging a series of AI-generated websites to implement software aimed at stealing cryptocurrency wallet credentials.