CandleFocus

LEGO claims full recovery after hackers hijacked its website to promote crypto scam

Hackers targeted the LEGO website and advertised a fraudulent cryptocurrency connected to the brand. They directed users to a decentralized exchange to purchase the scam tokens using Ethereum. LEGO acted quickly to remove the malicious links and assured users that no user accounts were compromised. This incident highlights the trend of scammers exploiting trusted brands in crypto scams. Similar attacks have affected the Ethereum Foundation and the official Twitter account of Metallica. Crypto scams have evolved from Ponzi schemes to more sophisticated techniques like phishing, hacking, and drainers. Immunefi reported that these scams have resulted in losses of approximately $1.2 billion in 2024. The complexity of these attacks suggests that syndicates are often involved, employing both on- and off-chain tools to coordinate scams. Possible avenues for hackers to breach websites include poorly configured web application firewalls, exploiting external service providers or third parties, and phishing or exploiting security vulnerabilities. The LEGO hack raises questions about the breach and the potential implications beyond financial loss. LEGO's limited disclosure has left customers relying on the company's containment efforts.

Related News