Hackers had access to multiple official social media accounts of the British Army for nearly four hours, when they posted crypto phishing links and scams.
The British Army’s official Twitter, Facebook, and YouTube accounts were breached on July 3 for almost four hours, with scammers promoting rip-off non-fungible token (NFT) collections and cryptocurrency scams.
Just after 2PM ET on July 3, the United Kingdom Ministry of Defence (MOD) Press Office tweeted it was aware the Army’s social media accounts were compromised and had begun an investigation.
Nearly four hours later, close to 5:45PM ET, the Office provided an update that the account breaches were resolved. The British Army’s official Twitter account also apologized for the posts, saying it would conduct an investigation and “learn from this incident.”
The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway.
The Army takes information security extremely seriously and until their investigation is complete it would be inappropriate to comment further.
— Ministry of Defence Press Office (@DefenceHQPress) July 3, 2022
Screenshots of the British Army’s official Twitter account posted by users show the hackers promoting at least two fraudulent derivatives of “The Possessed” and “BAPESCLAN” NFT collections.
British Army Twitter account @BritishArmy appears to have been hacked pic.twitter.com/41HPtSeln1
— OSINTtechnical (@Osinttechnical) July 3, 2022
One screenshot shows the hackers pinning a tweet to a fake mint of The Possessed NFT collection, likely a phishing link that would drain user funds if their crypto wallet was connected. Tom Watson, one of the collection’s creators, warned that the information was fake and asked his followers to report the account.
The @BritishArmy has been compromised and is currently being used to shill NFTs.
Previous archive of the Twitter profile: https://t.co/dQmlxlY5l8 pic.twitter.com/gifpsOy000
— vx-underground (@vxunderground) July 3, 2022
Over on YouTube, the hackers rebranded the account to resemble the Cathie Wood-founded investment firm Ark Invest, posting live stream videos of supposed interviews with Elon Musk and Twitter founder Jack Dorsey which were being watched by thousands of people.
the British Army's YouTube page, still under the control of some crypto scammers, is running 4 consecutive livestreams with approx 19,000 people watching as we speak. would be interesting if any of them who fall for the scam could have grounds to sue the Army pic.twitter.com/oVWrDsXKZ1
— Señor Rules (@wariotifo) July 3, 2022
On the commandeered YouTube channel, the posted videos presented QR codes for viewers to send crypto to, claiming they would receive double back, and promoted other cryptocurrency giveaway scams through QR codes.
It’s unknown at this time who was behind the attack, how they achieved it, and how many people may have fallen victim to the phishing and scam links. All of the links, tweets, and related material from the account breaches have since been deleted by the British Army.
Related: CertiK shares security tips following third BAYC security compromise in six months
As reported by Cointelegraph, as much as $1 billion has been lost to crypto scammers in 2021, with nearly 50% of all crypto-related scams coming from social media platforms. The United States Federal Trade Commission even labeled social media and crypto a “combustible combination for fraud.”
In late May, the Twitter account of NFT artist Beeple was compromised and posted links to a phishing website which netted the attacker over $438,000 in crypto and various NFTs. The links were made to look like a “surprise mint” of a new Beeple NFT collection.
Later in June, a similar “stealth mint” phishing link was posted on the compromised Twitter account of the upcoming Duppies NFT collection, with at least one victim losing 650 Solana (SOL), worth around $18,850 at the time.