Mandiant loses control of X/Twitter account

Share post:

The X/Twitter account of Google’s Mandiant cybersecurity service has been taken over by a hacker who is seemingly promoting a cryptocurrency scam.

The incident happened very early Wednesday morning, Eastern time. As of Wednesday afternoon, the account called Mandiant was still run by an operator called ‘Phantom.’ Messages posted refer to “token prices” and include a link to an app.

“We’re looking into it,” Mark Karayan, Mandiant’s media communications lead for threat intelligence, told IT World Canada. “It’s definitely been taken over … We’re working to get it resolved.”

Karayan couldn’t say how the incident happened.

Google acquired Mandiant in 2022 for US$5.4 billion. Mandiant had been owned by FireEye, but was spun off after the parent company admitted in February 2021 that a threat actor had compromised the firm and made off with FireEye cybersecurity tools.

Google has been one of the leading IT suppliers pushing organizations around the world to adopt multifactor authentication (MFA) as an extra step to protect logins not only to its services, but also for any network-linked service. Google staff have had to use MFA for years. Since 2017, all Google employees were forced to adopt Google’s Titan key-based MFA to ensure staff aren’t victims of phishing attacks in which a victim is directed to a fake login site where their username and password can be copied.

It isn’t known if staff who had access to the Mandiant X/Twitter had to use security keys, which are USB sticks that have to be physically plugged into a computer to provide an extra login factor for access.

Still, experts note that, unless MFA systems are set up properly, hackers may be able to get around them by convincing IT support staff to reset passwords. If done through a man-in-the-middle attack, a hacker can get hold of a user’s session cookie to take over access.

RELATED CONTENT: Use these phishing-resistant authenticators

Perhaps by coincidence, the takeover of the Mandiant account this week comes with the revelation that the X/Twitter account of a Canadian senator was temporarily captured by a hacker.

The post Mandiant loses control of X/Twitter account first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Russian threat actor expanding its target list, warns Five Eyes report

APT29 is increasingly going after cloud services in mo

Canada’s privacy watchdog investigating hack at Global Affairs

Inquiry will look into adequacy of data safeguards at the federal

Sidebar: The powerful Digital Safety Commission

A look at the powers of the proposed five-person body charged with overseeing the Online

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways