Updates added under
The Twitter account of American cybersecurity agency and Google subsidiary Mandiant was hijacked earlier immediately to impersonate the Phantom crypto pockets and share a cryptocurrency scam.
“We’re conscious of the incident impacting the Mandiant X account and are working to resolve the problem,” a Mandiant spokesperson instructed BleepingComputer.
After getting management, the attacker renamed it to @phantomsolw and promoted a pretend web site impersonating the Phantom crypto pockets and promising to distribute free $PHNTM tokens as a part of an airdrop.
In checks by BleepingComputer, those that click on the ‘Declare Aidrop’ button and haven’t got the Phantom pockets put in will get redirected to the official website the place they’re prompted to set up it.
As soon as put in, it’ll attempt to routinely drain the targets’ cryptocurrency wallets. Nonetheless, the Phantom Pockets now warns that the scammers’ web site is a part of a phishing assault.
“Phantom believes this web site is malicious and unsafe to use. We’ve disabled the power to work together with it so as to shield you and your funds,” the warning says.
The menace actor behind this assault has since deleted the scam tweet and is now utilizing it to troll Mandiant, saying, “Sorry, change password please.” and “Examine bookmarks while you get account again.”
As proven within the screenshot above, the attacker retweeted posts from the official Phantom account, together with ones advising customers to “by no means rush into clicking hyperlinks,” probably to add legitimacy to future crypto-scam posts.
Mandiant’s authentic Twitter deal with, @mandiant, now shows a “This account does not exist. Strive trying to find one other.” error message.
Replace 1/3/24 9:49 ET: Mandiant has instructed BleepingComputer that they’ve regained management of the account on X and are presently working on restoring it.
Nonetheless, on the time of this replace, the username remains to be renamed to ‘@phantomsolw,’ probably due to Twitter restrictions on altering names too typically.