The Google-owned security firm saw its X account taken over by threat actors to promote a crypto scam. It took six hours for the company to take the account back.
An unknown threat actor succeeded in taking over Mandiant’s X account, exploiting it to impersonate the Phantom crypto service. Phantom is a popular digital wallet designed for Solana and Ethereum owners.
The threat actors immediately abused the account to advertise an airdrop scam – followers were urged to see if they were among the 250,000 lucky ones eligible for free tokens. The scam was tailored to drain victims’ wallets.
Mandiant has over 120,000 followers on X. It reportedly took six hours for the company to get the account back.
"We are aware of the incident impacting the Mandiant X account. We've since regained control over the account and are currently working on restoring it," Mandiant spokesperson told Cybernews.
Phantom confirmed this was an attempt to impersonate Phantom's official Twitter account.
“The attacker used Mandiant's account to promote a phishing campaign targeting Phantom Wallet users. There was no compromise on Phantom's end, and we promptly blocklisted the phishing sites posted by the scammer,” they told Cybernews.
More from Cybernews:
Subscribe to our newsletter