The Twitter account of American cybersecurity firm and Google subsidiary Mandiant was hijacked earlier today to impersonate the Phantom crypto wallet and share a cryptocurrency scam.
“We are aware of the incident impacting the Mandiant X account and are working to resolve the issue,” a Mandiant spokesperson told BleepingComputer.
After getting control, the attacker renamed it to @phantomsolw and promoted a fake website impersonating the Phantom crypto wallet and promising to distribute free $PHNTM tokens as part of an airdrop.
In tests by BleepingComputer, those who click the ‘Claim Aidrop’ button and don’t have the Phantom wallet installed will get redirected to the legitimate site where they’re prompted to install it.
Once installed, it will try to automatically drain the targets’ cryptocurrency wallets. However, the Phantom Wallet now warns that the scammers’ website is part of a phishing attack.
“Phantom believes this…
