Google-owned cybersecurity company Mandiant finds itself in the awkward position of having to take back control of its Twitter account after it was hijacked by scammers yesterday.
The official Mandiant account, followed by over 100,000 people, was taken over by scammers who promoted links to a fake website that claimed to offer free $PHNTM cryptocurrency tokens (but was actually designed to drain punters’ wallets).
The hackers renamed the account “Phantom” and changed its profile to impersonate the Phantom cryptocurrency wallet.
In a since-deleted tweet, the hacker posted the following message:
$PHNTM distribution has officially begun.
Our snapshot records over 250,000 wallets, please visit our website to see if you qualify.
https://grahamcluley.com/cybersecurity-firm-mandiant-has-its-twitter-account-hacked-to-promote-cryptocurrency-scam/
The number of tokens you receive will depend on your portfolio and snapshot positions.
The scammers mocked Mandiant in a series of tweets as it worked to regain control of its account. One message advised the cybersecurity company to change passwords, while another said it would be wise to check for bookmarks that may have been added to Twitter accounts controlled by scammers.
Mandiant has since regained access to the account, and released an acknowledgment of the event:
You may have noticed that yesterday, Mandiant lost control of this 2FA-enabled X account. Currently, there is no indication of malicious activity other than the affected X account, which is back under our control. Once concluded, we will share our findings.
It’s obviously reassuring to hear that Mandiant has enabled two-factor authentication on its Twitter account, as this does provide a higher level of security.
However, this is perhaps a timely reminder to all of us that turning on 2FA doesn’t mean it’s impossible for an account to be compromised. It will be interesting to hear what Mandiant has to say about the security breach and what other companies can learn from the incident.