Google-owned cybersecurity firm Mandiant has found itself in the awkward position of having to wrestle back control of its Twitter account, after it was hijacked by scammers yesterday.
The official Mandiant account, which is followed by over 100,000 people, was seized by scammers promoting links to a phony website which claimed to offer free $PHNTM cryptocurrency tokens (but which was actually aiming to drain punters’ wallets).
The hackers renamed the account “Phantom”, and altered its bio to pretend to belong to the Phantom cryptocurrency wallet.
In a tweet, since removed, the hackers posted the following message:
The $PHNTM distribution has formally begun.
Our snapshot recorded over 250,000 wallets, head over to our website to check if you’re eligible to claim.
[LINK]
The amount of tokens you receive will depend on your portfolio & snapshot position.
The fraudsters taunted Mandiant in a series of tweets as it struggled to regain control of its account. One of the messages advised the cybersecurity firm to change its password, and another pointed out it would be wise to check what the Twitter account may have bookmarked while it was under the control of the scammers.
Mandiant has since restored its access to the account, and posted an acknowledgement of the incident.
As you likely noticed, yesterday, Mandiant lost control of this X account which had 2FA enabled. Currently, there are no indications of malicious activity beyond the impacted X account, which is back under our control. We’ll share our investigation findings once concluded.
It’s clearly reassuring to hear that Mandiant had two-factor authentication enabled on its Twitter account, as that does provide a higher level of security.
However, it perhaps also serves as a timely reminder to all of us that having 2FA turned on doesn’t mean that an account is impossible to compromise. It will be interesting to hear what Mandiant has to share about the security breach, and what other companies might learn from the incident.