Mandiant, a subsidiary of Google (NASDAQ:GOOGL) specialising in cybersecurity, recently suffered a security breach on its social media account on X.
The account was hijacked by unknown hackers and misused for nearly six hours to impersonate the Phantom crypto wallet and disseminate fraudulent links.
The intruders altered the account's name and handle to Phantom and @phantomsolw, respectively, and used it to propagate a false cryptocurrency scheme.
This scam falsely promised 250,000 users free $PHNTM tokens, even retweeting posts from the genuine Phantom account to seem credible.
Mandiant struggled to regain control of the account during this time.
Ruse to steal tokens
The scam involved a link claiming to offer a Phantom airdrop, which led users to a legitimate website to install an app.
However, BleepingComputer reports that this was a ruse to steal tokens from the users’ wallets.
The method used by the hackers to access Mandiant’s X account remains uncertain, with speculations of either phishing via social engineering or exploiting a vulnerability in the social media platform.
This incident follows a similar breach involving Canadian Senator Amina Gerba’s X account, which was also used to promote a fraudulent scheme.
The nature of these attacks underscores the growing sophistication of cybercriminals in exploiting social media platforms of government and business agencies for cryptocurrency scams.