Mandiant’s Twitter Account Hijacked in Cryptocurrency Scam
Reading Time: 3 Minutes
The Twitter account of Mandiant, an American cybersecurity firm and Google subsidiary, was hijacked earlier today to promote a cryptocurrency scam impersonating the Phantom crypto wallet.
A spokesperson for Mandiant informed BleepingComputer that they are aware of the incident and are actively working to resolve the issue.
Upon gaining control, the attacker renamed the account to @phantomsolw and used it to promote a fraudulent website posing as the Phantom crypto wallet. The website claimed to offer free $PHNTM tokens as part of an airdrop.
Crypto-scam tweet (MalwareHunterTeam)
See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses
Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.
BleepingComputer conducted tests and found that clicking the ‘Claim Airdrop’ button on the fake website, without having the Phantom wallet installed, redirected users to the legitimate site, where they were prompted to install it. Once installed, the fake wallet attempted to drain the targets’ cryptocurrency wallets.
However, the legitimate Phantom Wallet issued a warning, labeling the scam website as malicious and unsafe.
However, the legitimate Phantom Wallet issued a warning, labeling the scam website as malicious and unsafe.
The threat actor behind the attack has since deleted the scam tweet and is now using the account to taunt Mandiant. The original Mandiant Twitter handle, @mandiant, currently displays an error message stating, “This account doesn’t exist. Try searching for another.”
Trending: Deep Dive to Fuzzing for Maximum Impact
Trending: Offensive Security Tool: Troll-A
In an update, Mandiant informed BleepingComputer that they have regained control of the account and are working on restoring it.
However, due to Twitter restrictions on changing names too often, the username is still renamed to ‘@phantomsolw’ at the time of this update.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]
Source: bleepingcomputer.com
Recent News
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
