Hackers hijack govt and business accounts on X for crypto scams

Hackers are increasingly compromising verified X (formerly Twitter) gold/grey accounts belonging to organizations and government profiles to push cryptocurrency scams and crypto-draining sites; recent high-profile incidents include the hijacking of Mandiant's X account that promoted a fake airdrop and drained wallets. Researchers and CloudSEK report a nascent underground market selling compromised verified accounts (priced ~$1,200–$2,500) and offering affiliate-adding services to lend credibility to scam accounts; recommended mitigations include closing dormant accounts, reviewing security settings, enabling two-factor authentication, auditing connected apps, and monitoring active sessions.