Saturday, January 6, 2024

Mandiant’s Twitter Account Restored After Six-Hour Crypto Scam Hack


Jan 04, 2024 | Newsroom | Cryptocurrency / Social Media

American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam.

As of writing, the account has been restored on the social media platform.

It is presently not clear how the account was breached. However, the hacked Mandiant account was initially renamed to “@phantomsolw” to impersonate the Phantom crypto wallet service, according to MalwareHunterTeam and vx-underground.


Specifically, the scam posts from the account advertised an airdrop scam that urged users to click on a bogus link and earn free tokens, with follow-up messages asking Mandiant to “change password please” and “examine bookmarks if you get account again.”

Mandiant, a leading threat intelligence firm, was acquired by Google in March 2022 for $5.4 billion. It’s now part of Google Cloud.

“The Mandiant Twitter account takeover might have occurred [in] numerous methods,” Rachel Tobac, CEO of SocialProof Security, said on X.

“Some people are giving the recommendation to activate MFA to forestall ATO and naturally that’s a good suggestion all the time *nevertheless it’s additionally possible that somebody in Help at Twitter was bribed or compromised which allowed the attacker entry to Mandiant’s account*.”

When reached for comment, a Mandiant spokesperson told The Hacker News that it’s aware of the incident impacting the X account and that it has regained control over the account.

The development comes as CloudSEK revealed that cyber criminals are brute-forcing and hijacking verified Gold accounts on X and selling them on the dark web for as much as $2,000 per account. Moreover, threat actors have been observed targeting dormant accounts associated with legitimate organizations to upgrade them to the Gold tier.


The compromised accounts are then used to post links to malicious domains, urge their followers to join random cryptocurrency-based channels, and propagate spam.

“Info stealer malware has a centralized botnet community, where credentials from contaminated units are harvested,” security researcher Rishika Desai said. “These credentials are then additional validated based on patrons’ necessities, such as individual or company accounts, number of followers, region-specific accounts, etc.”

(The story was updated after publication to include a response from Mandiant.)
