Google-owned Mandiant lost control of its X account

5 Jan 2024

A hacker attempted to lure victims to a deceptive website from the breached account, before telling Mandiant to change its password.

Cybersecurity firm Mandiant’s social media account on X was hacked in order to lure users to a phishing site.

The company’s account was renamed Phantom – to mimic a company that offers wallets for storing cryptocurrency. During the hack, the account invited users to a deceptive website to see if they were eligible to claim free crypto tokens, according to various screenshots shared by users on X.

Employees of Mandiant appeared to be engaged in a tug-of-war with the hacker: Ars Technica reports that deceptive posts would be deleted before reappearing a short time later. The hacker eventually changed the name back to Mandiant and taunted the company by telling it to “change password please”.

Mandiant appears to have full control of its account again and confirmed that it lost control despite having two-factor authentication.

“Currently, there are no indications of malicious activity beyond the impacted X account, which is back under our control,” Mandiant said on X. “We’ll share our investigation findings once concluded.”

Mandiant offers managed detection and incident response services and is credited with helping to discover the SolarWinds hack in 2020.

The company was acquired by FireEye in 2014 in a deal worth more than $1bn, but became an independent entity in 2021 after the FireEye product business was sold to McAfee Enterprise.

The hack comes nearly two years after Google bought the cybersecurity company in an all-cash transaction of roughly $5.4bn.

While social media scams can appear clearly deceptive in cases like this, reports suggest they are a highly effective method used by criminals to steal funds from victims.

A report from the US Federal Trade Commission (FTC) last October claimed scammers on social media platforms stole $2.7bn from people in the US since 2021, which was more than “any other contact method”.

The FTC also said the total figure for losses is likely far higher as the “vast majority” of frauds are not reported.

Leigh Mc Gowran is a journalist with Silicon Republic
