Danish construction toy production company LEGO had its official website compromised on the evening of Oct. 4 to promote a cryptocurrency scam, reports Cybernews.
Attackers behind the scheme placed an ad on the LEGO website homepage that urged visitors to click a link that would "unlock secret rewards," which redirects to a third-party marketplace enabling purchases of the fraudulent LEGO token with Ethereum. However, such a banner ad was immediately taken down by the company. "No user accounts have been compromised, and customers can continue shopping as usual. The cause has been identified, and we are implementing measures to prevent this from happening again," noted a LEGO spokesperson. Such a compromise comes amid the increasing prevalence of online account hijacking for crypto scams, with OpenAI Newsroom's account on X, formerly Twitter, leveraged by threat actors to promote the $OPENAI token via malicious links just two weeks ago.
