Pierluigi Paganini January 04, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam.

Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

The X account of the Google-owned firm Mandiant has over 120,000 followers.

Once the cybercriminals hijacked the account, renamed it to @phantomsolw, then started advertising a rogue website impersonating the Phantom crypto service.

The threat actors exploited the account to promote an airdrop scam. Followers were encouraged to check if they were among the fortunate 250,000 eligible for free tokens. The scam was designed to drain funds from the victims’ wallets.

The account was under the control of the attackers for several hours.

“We are aware of the incident impacting the Mandiant X account. We’ve since regained control over the account and are currently working on restoring it.” reads a statement sent by a Mandiant spokesperson to several media outlets.

​The attackers also trolled Mandiant with posts saying. “Sorry, change password please.” and “Check bookmarks when you get account back.”

At this time, the cybersecurity firm regained control of its X account.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, X)