The British Army has launched an investigation into a breach of its social media accounts – Twitter, YouTube and Facebook- on Sunday, which led to the accounts being used to promote crypto scams and rip-off non-fungible token (NFT) collections.
Just after 2.00 pm EST On July 3, the the United Kingdom (UK) Ministry of Defence (MOD) Press Office tweeted it was aware that its social media accounts were compromised and said it had launched an investigation into the breach.
We are aware of a breach of the Army’s Twitter and YouTube accounts and an investigation is underway.
The Army takes information security extremely seriously and is resolving the issue. Until their investigation is complete it would be inappropriate to comment further.
— Ministry of Defence Press Office (@DefenceHQPress) July 3, 2022
The post assured the public that all the cryptocurrency and NFT content had been moved from both the Twitter and YouTube accounts and that the Army took “information security extremely seriously and is resolving the issue.” Later, the office provided an update of the incident with the British Army’s official Twitter apologizing for the posts, saying it would conduct an investigation and “learn from this incident.”
A Web3isgoinggreat blog post highlighted that the verified Twitter page with more than 363,000 followers and YouTube channel with more than 178,000 subscribers were simultaneously hacked and used to promote two different NFT and crypto scams
The Twitter page’s profile picture was changed to bear a resemblance to the Possessed NFT, a “contained outbreak” of 10,000 animated NFTs with a price floor of 0.58 ETH (roughly $609 at press time). As expected, the British Army’s Twitter was filled with fake links to the Possessed NFTs.
The British Army putting money into cyber security then get hacked https://t.co/iaV6c3qCSp
— Richie (@dickyfp) July 4, 2022
One of the screenshots archived by Web3isgoinggreat shows that hackers pinned a tweet to a fake mint of the Possessed NFT collection, possibly a phishing link that was aimed at draining user funds once they connected their crypto wallet. One of the creators of the Possessed NFTs, Tom Watson, warned collecteors that the information was fake and asked his Twitter followers to report the account.
.@BritishArmy has been hacked and is spreading fake @ThePossessedNFT info. Forget us, please report their account as compromised as this is not okay
— tmw (c,c,c) (@tmw_buidls) July 3, 2022
On the other hand, the YouTube Channel was rebranded to resemble ARK Invest, an investment management firm founded by Cathie Wood, an Americal investor. Hackers evidently posted old videos of Jack Dorsey and Tesla and SpaceX CEO, Elon Musk, discussing cryptocurrency on the the British Army’s YouTube channel. However, the video included “get rich quick” information that including “double your money” Bitcoin (BTC) and Ethereum (ETH) scams.
On the seized YouTube channel, the hackers posted videos presenting QR codes for viewers to send crypto to, asserting that they would receive double the amount they send. It also promoted other crypto scams in form of giveaways through the said QR codes.
It is still not clear who is behind the attack, how they carried out the breach and how many people fell victim to the scam and phishing links. As earlier mentioned, all the tweets, videos, links and related materials from the event have since been deleted by the British Army.
The latest incident reinforced the common crypto scam where hackers targeted and changed the appearance of the two social media accounts to resemble popular crypto channels, even though they included links to suspicious websites.
Many celebrities and leaders have been targeted in the past. For example, in 2020 Musk, Bill Gates, Joe Biden, President Barak Obama, Kim Kardashian and other well-known figures were subjected to Twitter hacks where there accounts were breached to promote an apparent bitcoin scam.
An Influx Of Crypto Scams
As NFTs and cryptocurrency increase in popularity, there is an influx of scams targeting those who aren’t familiar with the new industries. A report by Cointelegraph reveals that as much as $1 billion was lost to crypto scammers in 2021, with nearly half of all crypto-related scams being achieved through social media platforms. Social media and crypto was labelled by the United States Federal Trade Commission (FTC) a “combustible combination for fraud.”
A recent report by Atlas VPN found that more than $1.3 billion worth of crypto was stolen just in the first four months of 2022. Towards the end of May, the NFT artist Beeple–whose record-breaking $69.3 million NFT helped kick off the craze last year–was the target of a Twitter hacking which netted over $438,000 worth of cryptocurrency and various NFTs in a scam. The phishing links were made to look like a “surprise mint” of a new Beeple NFT collection.
Last month, a similar phishing link was posted on the hacked Twitter account of the upcoming NFT collection, Duppies, in which at least one victim lost 650 Solana (SOL), worth approximately $18,800 at the time. Bored Ape Yatch Club’s Discord community has also fallen to two separate phishing attacks in 2022.
Next NFT to Blow Up - Lucky Block