The British Army’s official Twitter, Facebook, and YouTube accounts had been breached on July 3 for nearly 4 hours, with scammers selling rip-off non-fungible token (NFT) collections and cryptocurrency scams.
Just after 2PM ET on July 3, the United Kingdom Ministry of Defence (MOD) Press Office tweeted it was conscious the Army’s social media accounts had been compromised and had begun an investigation.
Nearly 4 hours later, shut to five:45PM ET, the Office supplied an replace that the account breaches had been resolved. The British Army’s official Twitter account additionally apologized for the posts, saying it will conduct an investigation and “learn from this incident.”
The breach of the Army’s Twitter and YouTube accounts that occurred earlier at this time has been resolved and an investigation is underway.
The Army takes data safety extraordinarily critically and till their investigation is full it will be inappropriate to remark additional.
— Ministry of Defence Press Office (@DefenceHQPress) July 3, 2022
Screenshots of the British Army’s official Twitter account posted by customers present the hackers selling at the very least two fraudulent derivatives of “The Possessed” and “BAPESCLAN” NFT collections.
— OSINTtechnical (@Osinttechnical) July 3, 2022
One screenshot exhibits the hackers pinning a tweet to a pretend mint of The Possessed NFT assortment, doubtless a phishing hyperlink that might drain consumer funds if their crypto pockets was related. Tom Watson, one of many assortment’s creators, warned that the knowledge was pretend and requested his followers to report the account.
The @BritishArmy has been compromised and is presently getting used to shill NFTs.
— vx-underground (@vxunderground) July 3, 2022
Over on YouTube, the hackers rebranded the account to resemble the Cathie Wood-founded funding agency Ark Invest, posting stay stream movies of supposed interviews with Elon Musk and Twitter founder Jack Dorsey which had been being watched by hundreds of individuals.
the British Army’s YouTube web page, nonetheless below the management of some crypto scammers, is working 4 consecutive livestreams with approx 19,000 individuals watching as we converse. could be fascinating if any of them who fall for the rip-off may have grounds to sue the Army pic.twitter.com/oVWrDsXKZ1
— Señor Rules (@wariotifo) July 3, 2022
On the commandeered YouTube channel, the posted movies offered QR codes for viewers to ship crypto to, claiming they’d obtain double again, and promoted different cryptocurrency giveaway scams by means of QR codes.
It’s unknown presently who was behind the assault, how they achieved it, and the way many individuals might have fallen sufferer to the phishing and rip-off hyperlinks. All of the hyperlinks, tweets, and associated materials from the account breaches have since been deleted by the British Army.
Related: CertiK shares safety suggestions following third BAYC safety compromise in six months
As reported by Cointelegraph, as a lot as $1 billion has been misplaced to crypto scammers in 2021, with practically 50% of all crypto-related scams coming from social media platforms. The United States Federal Trade Commission even labeled social media and crypto a “combustible combination for fraud.”
In late May, the Twitter account of NFT artist Beeple was compromised and posted hyperlinks to a phishing web site which netted the attacker over $438,000 in crypto and numerous NFTs. The hyperlinks had been made to appear like a “surprise mint” of a brand new Beeple NFT assortment.
Later in June, an identical “stealth mint” phishing hyperlink was posted on the compromised Twitter account of the upcoming Duppies NFT assortment, with at the very least one sufferer shedding 650 Solana (SOL), value round $18,850 on the time.