American cybersecurity agency and Google Cloud subsidiary Mandiant had its X (previously Twitter) account compromised for greater than six hours by an unknown attacker to propagate a cryptocurrency rip-off.

As of writing, the account has been restored on the social media platform.

It is at the moment not clear how the account was breached. However the hacked Mandiant account was initially renamed to “@phantomsolw” to impersonate the Phantom crypto pockets service, based on MalwareHunterTeam and vx-underground.

Particularly, the rip-off posts from the account marketed an airdrop rip-off that urged customers to click on on a bogus hyperlink and earn free tokens, with follow-up messages asking Mandiant to “change password please” and “verify bookmarks while you get account again.”

Mandiant, a number one menace intelligence agency, was acquired by Google in March 2022 for $5.4 billion. It’s now a part of Google Cloud.

“The Mandiant Twitter account takeover might have occurred [in] quite a lot of methods,” Rachel Tobac, CEO of SocialProof Safety, stated on X.

“Some of us are giving the recommendation to activate MFA to stop ATO and naturally that’s a good suggestion at all times *nevertheless it’s additionally potential that somebody in Help at Twitter was bribed or compromised which allowed the attacker entry to Mandiant’s account*.”

The Hacker Information has reached out to Mandiant for additional feedback, and we are going to replace the story as soon as we hear again.