January 4, 2024 at 01:48AM
Mandiant, a Google Cloud subsidiary, had its Twitter account compromised for over six hours by an unknown attacker to promote a cryptocurrency scam. The account has been restored. The breach involved an impersonation of a crypto wallet service and scam posts about an airdrop. The details of the breach remain unclear.
Summary of Meeting Notes:
– The Twitter account of American cybersecurity firm Mandiant, now a subsidiary of Google Cloud, was compromised for over six hours by an unknown attacker to promote a cryptocurrency scam.
– At present, the account has been restored on the social media platform.
– The method of the account breach remains unclear, although reports indicate that the hacked account was initially renamed to impersonate the Phantom crypto wallet service.
– The scam posts from the account promoted an airdrop scam, encouraging users to click on a fraudulent link to earn free tokens, with subsequent messages requesting Mandiant to “change password please” and “check bookmarks when you get account back.”
– Rachel Tobac, CEO of SocialProof Security, highlighted that the takeover of the Mandiant Twitter account could have occurred through various means, including potential compromises within Twitter support.
– The Hacker News has contacted Mandiant for further input, and an update will be provided upon receiving additional information.
Is there anything else you’d like to know or discuss further about these meeting notes?