YouTube and Twitter accounts of the British Army were reportedly hacked and used to promote cryptocurrency scams. It remains unclear when exactly the hack on both accounts took place. However, reports say both accounts have been restored and are back to normal now. “We are aware of a breach of the Army’s Twitter and YouTube accounts and an investigation is underway,” the Ministry of Defence Press Office said on Twitter. “The Army takes information security extremely seriously and is resolving the issue.”
While the hack occurred, information on the British Army’s Twitter page was swapped out for information for The Possessed NFT collection. The organization’s profile picture, bio, and cover photo were taken down and made to seem like it was associated with NFT company. During the hacking period, the account sent out various tweets and retweets for NFT giveaways. It was observed that the pinned tweet particularly linked users to a fake NFT minting website.
These bad actors also didn’t spare the YouTube channel of the British Army deleting all video content and stripping the entire channel while replacing it with video content of a series of old live streams featuring former Twitter CEO Jack Dorsey and Tesla CEO Elon Musk. The channel name was changed and the profile picture was replaced with that of an investment firm Ark Invest. These live streams were previously aired as part of The B Word conference held by Ark Invest in June 2021. Hackers also added an overlay that encouraged unsuspecting users to participate in a crypto scam. The channel went ahead with airing four live streams at the same time, this live stream racked up thousands of viewers.
According to blogger Molly White, these scammers carried out their scheme with some of the same tactics that have been known for use in the recent past. In March, the Twitter account of one of the world’s top Super Smash Bros -MKLeo was taken over and hacked. The hackers used MKLeo’s Twitter account to peddle phoney NFTs. Just like the Britsh Army Twitter hack, these hackers also made it look like they were associated with The Possessed NFT collection. Just two months after that incident, $1.3 million was stolen using the same Ark Invest live streams that were repurposed for this hack.
Twitter spokesperson Rocio Vives confirmed the incident while stating that the British Army’s Twitter account “has since been locked and secured,” and that “account holders have now regained access and the account is back up and running.”