Google’s cybersecurity subsidiary saw its X.com account hacked. The hackers used it to set up fraudulent operations.
Cryptocurrency scams on X (formerly Twitter) are quite frequent and can affect everyone. Ethereum founder Vitalik Butherin was among the figures whose accounts were hacked to carry out a scam, using the legitimacy of the hacked character to allay public fears.
And this week it was the turn of a particularly humorous entity to suffer a similar attack: Mandiant, the company that knows a lot about cybercrime!
Mandiant becomes Phantom
On Wednesday, cybercriminals successfully hacked the company’s X account, subsequently altering its visual identity and name. Consequently, the account underwent a complete transformation into the cryptocurrency Phantom‘s account.
Armed with this new identity, the attackers posted an advertisement for a fake airdrop (distribution) of $PHNTM tokens. Interested people can click on the link and claim their prize by connecting their Phantom wallet to the website, while those without a wallet will be redirected to the actual Phantom website to claim it. After being authorized to receive the cryptocurrency, the hacker attempted to siphon off the funds contained in the digital wallet.
A scam that is all too common in 2024. Once exposed, the hackers promptly erased the fraudulent airdrop post, yet cunningly maintained control over Mandiant‘s account to taunt the cybersecurity company. They took several opportunities to mock the company, including the sarcastic remark, “Sorry, please change your password.“
Fortunately, Mandiant has managed to regain control of its account. However, the process of reclaiming authority has been sluggish. Even after regaining access to the interface, the company faced a hurdle in rectifying the account name @phantomsolw, as X’s regulations restrict frequent name changes. This unfortunate incident may prompt Mandiant to document their unpleasant encounter.