American cybersecurity business and Google Cloud subsidiary Mandiant experienced its X (formerly Twitter) account compromised for much more than six hours by an mysterious attacker to propagate a cryptocurrency scam.
As of creating, the account has been restored on the social media system.
It is at this time not crystal clear how the account was breached. But the hacked Mandiant account was initially renamed to “@phantomsolw” to impersonate the Phantom crypto wallet service, according to MalwareHunterTeam and vx-underground.
Specifically, the rip-off posts from the account advertised an airdrop scam that urged people to simply click on a bogus url and receive free tokens, with comply with-up messages inquiring Mandiant to “adjust password you should” and “verify bookmarks when you get account back again.”
Mandiant, a main menace intelligence firm, was acquired by Google in March 2022 for $5.4 billion. It is now aspect of Google Cloud.
“The Mandiant Twitter account takeover could have took place [in] a number of approaches,” Rachel Tobac, CEO of SocialProof Security, stated on X.
“Some people are giving the guidance to turn on MFA to avert ATO and of program that is a superior idea usually *but it truly is also doable that somebody in Assistance at Twitter was bribed or compromised which authorized the attacker obtain to Mandiant’s account*.”
The Hacker News has attained out to Mandiant for additional comments, and we will update the tale the moment we hear again.
Found this write-up intriguing? Comply with us on Twitter and LinkedIn to read more exclusive content material we put up.
Some parts of this article are sourced from:
thehackernews.com