Security News > 2024 > January > Mandiant's X account hacked by crypto Drainer-as-a-Service gang
As Mandiant found during a follow-up investigation into the incident, the attacker used a wallet drainer dubbed CLINKSINK. This same drainer has been used since December to steal funds and tokens from users of Solana cryptocurrency as part of a large-scale campaign involving at least 35 affiliate IDs linked to a shared drainer-as-a-service.
Since the start of the year, a massive wave of account breaches has impacted X users, with verified organizations getting hacked to spread cryptocurrency scams and links to wallet drainers.
X also noted that the SEC's account did not have two-factor authentication enabled at the time the account was hacked.
Previously, the Netgear and Hyundai MEA X accounts were also hijacked to promote fake cryptocurrency sites pushing wallet drainers, with the X account of Web3 security firm CertiK getting hacked one week before for the same malicious goal.
Web3 security firm CertiK's X account hacked to push crypto drainer.
Netgear, Hyundai latest X accounts hacked to push crypto drainers.