HQ/EMEAFind out how we can help your business
A cryptocurrency scam operation last week compromised the LEGO website to endorse a fake token that is obtainable through Ethereum.
Based on reports, the cryptocurrency scammers momentarily hacked the LEGO website on Friday night last week to promote the fraudulent token. The hackers replaced the main banner for the official LEGO website with an image of crypto tokens branded with the “LEGO” logo during the intrusion.
The logo also included text that promotes a new LEGO Coin and other secret rewards.
The cyberattack on the LEGO website has allegedly lasted for nearly one and a half hours.
A LEGO Reddit admin disclosed that the threat actors who executed the cryptocurrency scam operation initiated the breach around 9 p.m. EST last Friday. In addition, the attackers persisted on the website for 75 minutes until it was restored at 10:15 p.m. ET.
The researchers immediately pointed out that this campaign is unlike commonly known crypto scams since it did not advertise a harmful website with a crypto drainer that can steal funds when users connect their wallets.
However, the attached link to the hacked website can redirect visitors to the Uniswap cryptocurrency platform once they click the “Buy now” button. The landing page will be the LEGO hoax token with Ethereum.
On the other hand, the company confirmed the incident but did not provide further details on how the threat actors obtained access to its website. They also claimed that they had already addressed the problem.
In addition, the affected entity assured its customers that the hackers had not compromised any user accounts, so customers could continue purchasing as usual. Currently, the reports claim that the attack failed since only a few people bought the token for a few hundred dollars.
Hackers commonly execute website breaches by injecting malicious JavaScript into web pages to steal sensitive data, such as client information and credit card details. This crypto scam incident is another example of how threat actors can execute cyberattacks through different strategies.
