Hacked Mandiant X Account Abused for Cryptocurrency Theft


The account of Mandiant, which is part of Google Cloud, was renamed to ‘Phantom’ and its profile image and description were updated to appear affiliated with the legitimate Phantom cryptocurrency wallet.

Messages posted on the hijacked account promoted a website hosted at claim-phntm.com, which claimed to distribute cryptocurrency tokens through an airdrop. In reality, the site is designed to steal users’ cryptocurrency.

The hacked account was later used to troll the cybersecurity firm, telling it to change its password.