Crypto
Mandiant X/Twitter hacker linked to $900K cryptocurrency phishing scheme
Mandiant, a Google-owned cybersecurity company, says a “brute force password attack” likely caused the takeover of its X (formerly known as Twitter) account last week.
The account hijacking was part of a cryptocurrency phishing campaign linked to a drainer-as-a-service (DaaS) offering Mandiant calls CLINKSINK, according to a blog post detailing the company’s investigation.
An estimated $900,000 or more in Solana (SOL) cryptocurrency has been stolen in recent campaigns by 35 CLINKSINK affiliates identified in the Mandiant probe. These affiliates typically share about 20% of the stolen crypto with the DaaS operator, who raked in more than $180,000 in SOL since New Year’s Eve, according to the blog post.
Meanwhile, Mandiant is facing scrutiny after admitting that “some team transitions and a change in X’s 2FA policy” resulted in the security lapse that led to the hijacking.
Mandiant is one of several well-known organizations caught up in a recent string of X account hijackings, which most recently hit the U.S. Securities and Exchange Commission (SEC) in an incident that briefly shook up the Bitcoin market.
Mandiant’s X/Twitter hack explanation, 2FA lapse questioned by critics
Mandiant noted in its blog post that no Mandiant or Google Cloud systems, other than its X account, were compromised in the hours-long incident on Jan. 3.
Referring to a likely “brute force” attack, the company’s statements published on X Wednesday afternoon seem to imply an attacker targeted the social media account by trying multiple passwords until they successfully logged in.
In replies to Mandiant’s post, some critics noted that this explanation was questionable due to X’s policy of temporarily locking accounts after a “limited number of failed attempts” to log in.
“Not possible due to rate limitation except if the password was 123Password,” one user commented.
The exact number of failed attempts needed to trigger this measure is not provided by X, so SC Media tested the log in feature on a personal X account. We received a notice that the account was locked on the sixth attempt to log in with the wrong password.
No alerts about the failed log-in attempts were sent to the email address linked to the account, and we were also able to access the account, during the temporary lock out period, using the option to sign in with Google/Gmail.
Mandiant did not elaborate on the two-factor authentication (2FA) policy change that contributed to the breach, but this likely refers to X’s removal of the SMS 2FA option for non-Premium subscribers on March 20, 2023.
If this is the case, Mandiant’s account likely had no 2FA protection when it was compromised. X users can still use the authentication app or security key methods of 2FA for free.
“We’ve made changes to our process to ensure this doesn’t happen again,” Mandiant said in its statement.
A Google spokesperson declined to provide additional details about the incident to SC Media.
CLINKSINK affiliates impersonate legitimate crypto sites to drain wallets
After compromising Mandiant’s X account, which has more than 123,000 followers, the hijacker changed the account handle to @phantomsolw, impersonating the legitimate Phantom crypto wallet.
In a post on the hacked account, the CLINKSINK affiliate promoted a supposed opportunity to claim free $PHNTM tokens by clicking a link. Upon clicking the link, users would be urged to connect their Solana wallet and sign a transaction to claim the promotional token airdrop.
The JavaScript-based CLINKSINK drainer linked to the phishing site performs checks to verify that victims have the Phantom Desktop Wallet installed and is capable of surveying connected Solana wallets to check details, including balances. CLINKSINK is also set up to split the drained funds between the affiliate and operator accounts, usually at a ratio of 80% and 20%, respectively.
In the case of the Mandiant hijacking, the phishing scheme failed due to Phantom recognizing the site as malicious and blocking users from connecting their wallets, BleepingComputer reported.
The hijacker later deleted the phishing tweet and resorted to using the Mandiant account to mock the company with messages like “Check bookmarks when you get your account back.”
Mandiant identified other legitimate crypto utilities like DappRadar and BONK being used in related CLINKSAFE campaigns across social media platforms, including X and Discord.
CertiK, Netgear and Hyundai Middle East & Africa (MEA) have also had their X accounts hacked in cryptocurrency-draining schemes this year, but there is no confirmation that these incidents were also linked to CLINKSINK.
Crypto
Trump made money off his meme coin, did its investors?
US President Donald Trump has made $US1.4 billion ($2b) from cryptocurrency in the past 12 months.
$US635 million came from celebration coins royalties and $US236m came from cryptocurrency “token sales”, while the rest of his income came from assorted cryptocurrency wallets.
His celebration coin income is linked to meme coins he launched before returning to office, namely $TRUMP.
But what are meme coins and has anyone other than the Trump family profited?
Meme coins
Cryptocurrencies are a type of digital asset, not unlike a stock, which can be used as an exchangeable form of money online.
Much like paper currencies since the gold standard was ended, crypto has value because investors collectively agree it does, in part due to its security and scarcity.
Meme coins on the other hand are a bit harder to pin down.
“Meme coins are cryptocurrencies that leverage popular memes or internet trends to create a community-driven, often playful approach to digital currency,” according to crypto broker Blockchain.com.
Meme coins have no inherent value and, unlike Bitcoin, have varying limits of scarcity, rendering the price of any coin vulnerable to the rise and fall in popularity of whatever meme or trend inspired the item.
As an example Hailey Welch, an American woman, launched her own brand of meme coin after she rose to internet fame in June 2024.
The $HAWK coin released in December 2024 reached a market capitalisation of $500m before it crashed to $25m by late January.
Investors have since sued $HAWK.
The $TRUMP coin
The $TRUMP coin is valued at $US1.65 as of July 1, 2026. (Supplied: GetTrumpMemes.com)
Mr Trump’s own meme coin $TRUMP launched days before his second inauguration, also in January 2025.
At its peak it sold for almost $US75 a coin, but by the end of February its value had plummeted to about $US20 and as of July 1, 2026 its value sits at $US1.65.
This is where the bulk of Mr Trump’s $US635m in royalties and $US236m in token sales are believed to have come from.
In April 2026, Democratic Senator for California Adam Schiff said he and other senators would be investigating a Mar-a-Lago conference which invited the top 297 $TRUMP token holders to attend and offered VIP access to Mr Trump.
In a statement he said CIC Digital and Fight Fight Fight LLC, which controlled 80 per cent of $TRUMP supply, received trading revenue from all $TRUMP activity.
“The announcement of the conference ‘set off a quick but brief run-up in the price of the $TRUMP meme coin, which reached $3.08 before tumbling back down,’” the senators highlighted.
“President Trump financially benefits from the market value and activity of the $TRUMP cryptocurrency.“
Mr Schiff and his fellow senators asserted “not all” investors of $TRUMP and the similarly branded first ladies meme coin, $MELANIA, benefited from their investment.
“According to recent reports, $TRUMP, and the First Lady’s meme coin, $MELANIA, “erased an estimated $4.3 billion in retail wealth,” they said.
“Insiders, however, reportedly made a fortune: 45 ‘early-deployment wallets’ earned $1.2 billion off the meme coins, meaning that for every dollar insiders earned, retail investors lost $20.”
World Liberty Financial, another Trump family-linked business which distributed Mr Trump’s royalty and token sale revenue, provided him with an additional $65m in income.
Eric Trump and Donald Trump Jr are involved in its management and it was co-founded by Zach Witkoff, the son of Mr Trump’s special envoy to the Middle East Steve Witkoff.
Donald Trump Jr and Eric Trump with Zach Witkoff. (Reuters: Eduardo Munoz)
Mr Trump’s $236m in token sale revenue is a marked leap in profits collected compared to Mr Trump’s 2025 disclosure which only reported $US57m from token sales.
World Liberty Financial launched another cryptocurrency in May, 2025 called USD1.
USD1 rose to US$1.016 after launch and is now valued at $U0.99.
It was also used to pay bonuses to UFC fighters performing at the White House in June.
On July 1, after his disclosure came out, Mr Trump said his wealth was the result of the US stock market’s success.
“”You know why I’m profiting? Because the stock market’s going up, everybody’s profiting,” Mr Trump said, according to Reuters.
Crypto
OKX Announces Direct Crypto Aid for Venezuelans Hit by Devastating Twin Earthquakes
Key Takeaways
- OKX launched a 20 USDT airdrop for earthquake victims, easing the financial burden on affected residents.
- Eligible La Guaira residents receive automatic credits, providing immediate crisis relief without hurdles.
- Following Binance’s $3M pledge, OKX’s move amplifies the role of crypto in global disaster relief efforts.
OKX Opens Airdrop for Venezuelan Earthquake Victims
OKX, one of the largest cryptocurrency exchanges by volume, has taken action to help Venezuelan users affected by the twin earthquakes that left over 2,000 dead and hundreds of buildings collapsed.
On social media, using its Latam account, OKX referred to the twin earthquakes that hit Venezuela on June 24, 2026, and how the cryptocurrency community has responded to this event in one of the Latam countries with growing crypto adoption.
“We know that these days have been difficult. But we have also seen something extraordinary: the solidarity of Venezuela and the entire international community, which fills us with hope,” it declared.
To help Venezuelan users in regions hit by the natural disaster, OKX announced it will distribute 20 USDT to each user with proof of address (POA) verifying they reside in La Guaira, the state most affected by the twin earthquakes.
While OKX did not disclose the total funds available for this initiative, it pointed out that support was limited and would be distributed on a “first-come, first-served” basis.
The funds will be automatically credited to the accounts that fulfill the POA requirement. “No registration, claim code, or qualifying transaction is required; the 20 USDT reward is automatically credited once eligibility is confirmed,” the exchange explained.
“We know that the road ahead will require effort, help, and support from everyone for a long time. But you will not walk it alone. We are one region, and we will be with you on this journey. We stand with you, Venezuela.” OKX concluded.
OKX’s relief efforts follow a similar campaign by Binance. The most popular exchange in Venezuela pledged $3 million to users residing in La Guaira, Distrito Capital, Miranda, Aragua, Carabobo, Falcón, and Yaracuy, offering a similar path for users to reclaim 20 USDT via redeemable vouchers.
Crypto
Trump Made $1.4bn From Cryptocurrency Since Returning to Office
Donald Trump made $1.4bn (approximately £1bn) from his cryptocurrency dealings in his first year back in office, in what his former White House lawyer has described as part of “the greatest onslaught of corruption in the history of mankind.”
Overall, Trump pulled in at least $2.2bn (£1.65bn) from his vast holdings, including real estate assets, in 2025. By comparison, his enterprises pulled in $662m (£495m) in 2024 before he returned to the presidency.
The US president – who denies any wrongdoing – received around $500m (£374m) from $WLFI, the digital currency sold by his family’s main crypto firm World Liberty Financial (WLF).
Trump also got a windfall from his $TRUMP meme coin, which was launched three days before his inauguration and earned him more than $600m (£449m).
The coin was dismissed as a ‘pump-and-dump scheme’ by analysts and led to hundreds of thousands of mostly small investors losing money.
The figures were released as part of Trump’s 927-page mandatory financial report for 2025.
An additional $500m (£374m) deal – struck days before his second inauguration in January 2025 – to sell 49% of WLF to representatives of a high-ranking Emirati royal has invited accusations of corruption.
The deal saw $187m (£140m) of the initial payment steered to entities controlled by the Trump family, according to the Wall Street Journal.
Months later, the UAE got the green light to import 500,000 Nvidia AI chips, despite concerns from US security officials.
Former White House lawyer Ty Cobb, who was part of the Trump administration’s legal team between 2017 and 2018, accused the president of violating parts of the constitution designed to prevent federal officials from engaging in corruption or being unduly influenced by foreign powers.
“Several hundred million dollars related to those coins,” Cobb told CNN. “How can that be anything other than trading on his image and likeness in violation of the emoluments clause?”
He added: “We are seeing the greatest onslaught of corruption in the history of mankind in the last 18 months.”
The White House has called the accusation “bogus and irrelevant”. Trump denied that he was profiting from the presidency, adding: “We have funds that run my money.”
“He got richer,” California’s governor Gavin Newsom posted on X. “His crypto supporters got rug-pulled.”
Lee Reiners, a former Federal Reserve Bank examiner who now specialises in cryptocurrency, told the New York Times: “It is hard to wrap your head around that the president of the United States would engage in this level of self-enrichment at the expense of so many of his supporters.”
He added: “This is a president of the United States who has made more money off crypto since he took office than he made in any prior year in his entire business career.”
-
Lifestyle38 minutes agoYou know the Mayflower. What about the White Lion? Here’s the story of ‘Two Ships’
-
Technology46 minutes agoFlatbush Zombies’ Erick the Architect misses his BlackBerry keyboard
-
World53 minutes agoWaltz calls out Iranian diplomat at UN following drone strikes on Bahrain and Kuwait
-
Politics56 minutes agoTop Trump official touts how DC makeover is proof America is rejecting ‘decline by choice’
-
Health1 hour agoFourth of July fireworks pose hidden health risk for certain Americans, experts warn
-
Sports1 hour agoChris Johnson’s former teammate reflects on ex-star’s surprise ALS diagnosis, tight-knit bond after milestone
-
Business1 hour agoWant an AI-proof job? New research says you may be safer at companies embracing the technology
-
Entertainment1 hour agoTaylor Swift and Travis Kelce: Revisit the roots of their love story ahead of MSG wedding bash