You should not trust even familiar companies.
The account of the American information security company Mandiant (a subsidiary of Google) was hacked to conduct cryptocurrency fraud. The attacker renamed the account to @phantomsolw and spread false information about the free distribution of $PHNTM tokens on behalf of the Phantom crypto wallet. The hack was reported by the MalwareHunterTeam team. Mandiant is already aware of the incident and is working to resolve the issue.
Attacker's tweet
After the hack, the cybercriminal posted a fake web page on the account that mimics the Phantom site, and promised free distribution of tokens. When you click on a link in a tweet, users without a Phantom wallet installed are redirected to the official website to install it. However, after installing the wallet, an attempt is made to automatically withdraw cryptocurrency from the victims wallets. However, Phantom has already warned about a phishing attack, saying that the site is dangerous for intruders and interaction with it is blocked.
Hacked Profile
After posting the fraudulent tweet, the attacker deleted it and began mocking Mandiant, posting messages like "Sorry, change your password" and "Check your bookmarks when you get your account back." The screenshot shows that the attacker retweeted messages from the official Phantom account, including warnings not to rush to click on links, probably to give legitimacy to future fraudulent posts. Mandiant reported that at the moment, control over the account has been restored, and all the attacker's tweets have been deleted.
The account of the American information security company Mandiant (a subsidiary of Google) was hacked to conduct cryptocurrency fraud. The attacker renamed the account to @phantomsolw and spread false information about the free distribution of $PHNTM tokens on behalf of the Phantom crypto wallet. The hack was reported by the MalwareHunterTeam team. Mandiant is already aware of the incident and is working to resolve the issue.
Attacker's tweet
After the hack, the cybercriminal posted a fake web page on the account that mimics the Phantom site, and promised free distribution of tokens. When you click on a link in a tweet, users without a Phantom wallet installed are redirected to the official website to install it. However, after installing the wallet, an attempt is made to automatically withdraw cryptocurrency from the victims wallets. However, Phantom has already warned about a phishing attack, saying that the site is dangerous for intruders and interaction with it is blocked.
Hacked Profile
After posting the fraudulent tweet, the attacker deleted it and began mocking Mandiant, posting messages like "Sorry, change your password" and "Check your bookmarks when you get your account back." The screenshot shows that the attacker retweeted messages from the official Phantom account, including warnings not to rush to click on links, probably to give legitimacy to future fraudulent posts. Mandiant reported that at the moment, control over the account has been restored, and all the attacker's tweets have been deleted.
