LEGO’s homepage was briefly hijacked on October 5, displaying a fraudulent "LEGO Coin" token promoting secret rewards. The phishing scheme directed users to a malicious website, but LEGO quickly removed the scam, ensuring no user accounts were compromised.
Crypto Scam Targets LEGO Fans with Fake "LEGO Coin"
A "LEGO Coin" token hoax that temporarily appeared on the webpage of the toy company LEGO Group after it was hacked on October 5 has apparently been erased, according to sources regarding the corporation.
X user and LEGO fan "ZTBricks" was among the first to detect the fraud, which promised "secret rewards" to anyone who purchased LEGO Coin. Several screenshots on X reveal the following:
"Our new LEGO Coin is officially out! Buy the LEGO Coin today and unlock secret rewards!"
Phishing Scam Linked to Fake Crypto Coin
According to reports, anyone who clicked the "Buy Now" button that was located beneath the message was directed to the phishing website, Cointelegraph shares.
LEGO has not issued a public statement regarding the incident; however, the message depicting LEGO Coin and the link that reads "Buy Now" is no longer there on the company's webpage.
LEGO Confirms No User Accounts Were Compromised
It has been stated that LEGO has informed the consumer technology product site Engadget that the bitcoin scam was only displayed on its homepage for a "brief" period of time and that no user accounts were compromised:
“The issue has been resolved. No user accounts have been compromised, and customers can continue shopping as usual.”
Scam Lasted 75 Minutes Before Removal
According to "mescad," a moderator of the "lego" subreddit, LEGO COIN was initially placed on LEGO's homepage around 1:00 am UTC on October 5 and was deleted approximately 75 minutes later. This information was provided by "mescad."
The incident took place at three in the morning in Billund, Denmark, which is the location of LEGO's headquarters.