Mandiant, a cybersecurity company owned by Google, had its X account hijacked on January 3 and struggled to regain control of the social media account for several hours in a rather ironic incident.
An unknown scammer reportedly leveraged the official Mandiant X account to spread a cryptocurrency theft link, designed to automatically empty crypto wallets.
Mandiant acknowledged the incident in a statement and announced efforts to regain control of the account, which was later done successfully.
Cybersecurity company faces a cybersecurity problem
Initially posing as Phantom, a crypto wallet and NFT provider, the hacked account lured users to a fraudulent website that purported to offer a token reward to 250,000 eligible accounts.
Mandiant staff reportedly engaged in a back-and-forth struggle for several hours to remove the fraudulent posts, only for them to reappear.
The attacker also posted light-hearted threats to the account, directed at the company’s social media team, including a meme with the comment “change your password please” and another saying “check your bookmarks when you recover your account.”
Mandiant, known for helping clients investigate and recover from major network breaches, was acquired by Google in 2022 for $5.4 billion. Without a doubt, the company’s reputation will be affected by this brief but serious event.
Given the lack of a blue or gold check mark, Google doesn’t pay for any verification status on the Mandiant account like it does for other Google accounts on X. It’s unclear how Mandiant’s social media workers regained control of the account, or if they signed up for a paid account could have accelerated account recovery or prevented it altogether.
A Mandiant spokesperson said TechRadar Pro: “We are aware of the incident that affected the Mandiant X account. We have since regained control of the account and are currently working to restore it.”