X Marks the Spot: Mandiant and SEC’s Security Sway on Twitter

In a week marked by digital discord, two influential Twitter accounts found themselves in the crosshairs of cyber threats. Mandiant, a pillar in the Google Cloud ecosystem, disclosed that its X account was breached in a calculated cryptocurrency theft.

Simultaneously, the SEC’s Twitter account became an unwitting player in a market frenzy, with an unauthorized post on a bitcoin ETF approval causing a brief but impactful upheaval. The incident raises serious questions about the integrity of information dissemination on regulated platforms.

On Wednesday, Mandiant, a Google Cloud-affiliated entity, revealed that its X account was compromised as part of a cryptocurrency theft campaign, yielding at least $900,000 for cybercriminals.

Mandiant's investigation found that a brute-force password attack led to the hijacking of its X account in early January. Although only a single account was affected, the incident exposed a critical lapse in security, which Mandiant attributed to a transitional phase in team structure and a change in X’s two-factor authentication policy. Mandiant has since rectified its processes to prevent such incidents in the future.

Mandiant detailed the ClinkSink campaign, involving a drainer-as-a-service (DaaS) leveraged by various threat actors to pilfer funds and tokens from Solana cryptocurrency owners. The operation employed platforms like X and Discord to distribute phishing links, enticing victims with false promises of token airdrops. The attackers leveraged malicious JavaScript code to drain victims’ cryptocurrency wallets, resulting in a financial gain of at least $900,000.

In a concerning parallel development, the U.S. Securities and Exchange Commission (SEC) also faced unauthorized access to its X account, leading to a false announcement regarding the approval of a bitcoin exchange-traded fund (ETF). The fake post triggered a brief spike in Bitcoin’s price, emphasizing the potential market impact of such security breaches.

SEC Chairman Gary Gensler promptly clarified the unauthorized nature of the post, assuring that the SEC had not approved any bitcoin ETFs. This incident highlights the vulnerability of high-profile accounts and the potential consequences of misinformation on regulated exchanges.
