Hackers Breach Mandiant Account, Divorce Thousands for Cash

The account of the American IB company Mandiant (GOOGLE subsidiary) was hacked for cryptocurrency fraud. The attacker renamed the @Phantomsolw account and distributed false information about the free distribution of $ phntm tokens on behalf of the Phantom cryptocurular. On the hacking reported Malwarehunterteam team. Mandiant already knows about the incident and is working on solving the problem.

attacker’s tweet

After hacking, the cybercriminal placed on the account a fake web page imitating the Phantom website, and promised the free distribution of tokens. When crossing the link on the tweet of users without the installed Phantom wallet, they redirect to the official website for its installation. However, after installing the wallet, there is an attempt to automatically withdraw cryptocurrency from the wallets of victims. Nevertheless, Phantom has already warned about a phishing attack, saying that the site of attackers is dangerous and interaction with it was blocked.

Hamed Profile Mandiant

The attacking, after the publication of fraudulent tweet, deleted it and began to mock Mandiant, publishing messages like “Sorry, change the password” and “Check the bookmarks when you return the account.” The screenshot shows that the attacker retreated messages from the official Phantom account, including warnings about not rushing to cross the links, probably to give legitimacy to future fraudulent posts. The company mandiant reported that at the moment the control over the account has been restored, and all the attackers of the attacker are deleted.

/Reports, release notes, official announcements.