The Twitter account of American cybersecurity agency and Google subsidiary Mandiant was hijacked earlier at present to impersonate the Phantom crypto pockets and share a cryptocurrency rip-off.
“We’re conscious of the incident impacting the Mandiant X account and are working to resolve the problem,” a Mandiant spokesperson informed BleepingComputer.
After getting management, the attacker renamed it to @phantomsolw and promoted a pretend web site impersonating the Phantom crypto pockets and promising to distribute free $PHNTM tokens as a part of an airdrop.
In checks by BleepingComputer, those that click on the ‘Declare Aidrop’ button and do not have the Phantom pockets put in will get redirected to the reputable web site the place they’re prompted to put in it.
As soon as put in, it’s going to attempt to routinely drain the targets’ cryptocurrency wallets. Nonetheless, the Phantom Pockets now warns that the scammers’ web site is a part of a phishing assault.
“Phantom believes this web site is malicious and unsafe to make use of. We’ve got disabled the flexibility to work together with it with a view to defend you and your funds,” the warning says.
The risk actor behind this assault has since deleted the rip-off tweet and is now utilizing it to troll Mandiant, saying, “Sorry, change password please.” and “Examine bookmarks while you get account again.”
As proven within the screenshot above, the attacker retweeted posts from the official Phantom account, together with ones advising customers to “by no means rush into clicking hyperlinks,” seemingly so as to add legitimacy to future crypto-scam posts.
Mandiant’s unique Twitter deal with, @mandiant, now shows a “This account does not exist. Strive looking for one other.” error message.
