Summary:

The Twitter account of cybersecurity firm Mandiant, a subsidiary of Google, fell victim to a hijacking incident resulting in the promotion of a cryptocurrency scam. The attacker took control of the account and changed its name to @phantomsolw. They proceeded to share a fake website impersonating the popular Phantom crypto wallet, luring users with the promise of free $PHNTM tokens through an airdrop. However, clicking the ‘Claim Airdrop’ button redirected users to the legitimate site, where they were informed about the scam and urged to install the actual Phantom wallet. The attackers’ attempt to drain cryptocurrency wallets was thwarted by the warning issued by Phantom itself. Mandiant’s original Twitter handle, @mandiant, is currently unavailable.

New Title: Beware of Scammers Impersonating Phantom Crypto Wallet on Twitter

In a noteworthy incident, the official Twitter account of renowned cybersecurity firm Mandiant, owned by Google, was hijacked, giving way to a malicious attempt to deceive cryptocurrency users. The attackers, after gaining control, swiftly changed the account’s name to @phantomsolw, a bogus identity mimicking the highly popular Phantom crypto wallet.

The attackers employed a classic tactic often seen in crypto scams, promising unsuspecting users free $PHNTM tokens through an airdrop. Curious users who clicked on the ‘Claim Airdrop’ button were directed to the legitimate Phantom website. However, to their relief, they were greeted with a warning from Phantom itself, cautioning against engaging with the scam website due to its malicious nature and potential threat to users’ funds.

The threat actor responsible for this attack did not stop at spreading the crypto scam. They decided to make a mockery of Mandiant by posting taunting messages, such as “Sorry, change password please” and “Check bookmarks when you get account back.” These actions display the audacity and disregard for security demonstrated by the attackers.

To further bolster their deception, the attackers retweeted legitimate posts from the official Phantom account, including tips advising users to exercise caution when confronted with suspicious links. This tactic aimed to lend an air of trustworthiness to their future crypto-scam related posts.

Mandiant’s genuine Twitter handle, @mandiant, has now become inaccessible, showing an error message stating that the account does not exist. The cybersecurity firm is actively working to rectify the situation and regain control of their account.

FAQs:

Q: What happened to Mandiant’s Twitter account?

A: Mandiant’s Twitter account was hijacked by an attacker who then impersonated the popular Phantom crypto wallet and promoted a cryptocurrency scam.

Q: How did the attackers attempt to deceive users?

A: The attackers changed the account’s name to resemble that of the Phantom wallet and shared a fake website promising free tokens through an airdrop. However, users who clicked on the ‘Claim Airdrop’ button were redirected to the legitimate Phantom website, which warned them about the scam.

Q: What actions did the attackers take after gaining control of the account?

A: In addition to promoting the cryptocurrency scam, the attackers taunted Mandiant with messages such as “Sorry, change password please” and “Check bookmarks when you get account back.” They also retweeted genuine posts from the official Phantom account to appear more legitimate.