UK Army’s Twitter, YouTube accounts hacked to push crypto scam

British Army's Twitter and YouTube accounts were hacked and altered to promote online crypto scams sometime yesterday.

Notably, the army's verified Twitter account began displaying fake NFTs and bogus crypto giveaway schemes.

The YouTube account was seen airing "Ark Invest" live streams featuring an older Elon Musk clip to mislead users into visiting cryptocurrency scam sites.

British Army investigating Twitter, YouTube hack

In a statement released last night, the UK's Ministry of Defence confirmed having regained control of its Twitter and YouTube accounts that had been hacked to promote cryptocurrency scams.

Threat actors had hijacked the Army's social media accounts to push fake Non-Fungible Tokens (NFTs) and bogus crypto giveaway schemes.

The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway.

The Army takes information security extremely seriously and until their investigation is complete it would be inappropriate to comment further.

— Ministry of Defence Press Office (@DefenceHQPress) July 3, 2022

Sometime yesterday, the verified Twitter account of British Army was renamed to 'pssssd' with header and profile images changed.

Threat actors in control of the account then began tweeting and retweeting links to crypto scam sites:

Hackers are increasingly targeting verified Twitter accounts to conduct various nefarious activities—from scamming victims for money to sending fake account "suspension" notices, as reported by BleepingComputer this week.

Twitter typically verifies accounts only if they represent celebrities, politicians, journalists, activists, notable influencers, and government and private organizations.

To receive the verified 'blue badge,' Twitter users must apply for verification and submit supporting documentation to show why their account is 'notable.'

Gaining a blue badge isn't easy and having one could make an account look more "authentic," which makes it incentivizing for threat actors to hack existing verified accounts and vandalize them for their purpose.

In a similar fashion, British Army's YouTube channel started "live-streaming" older videos of Elon Musk to lure users to visit fake "Ark Invest" crypto scam websites.

Note, the "Ark Invest" live streams used in this attack aren't novel either.

In May this year, both McAfee security researchers and BleepingComputer had reported seeing many such Elon Musk "Ark Invest" YouTube livestreams. By May, Fraudsters behind such attacks had stolen more than $1.3 million after re-streaming an edited version of an old live panel discussion on cryptocurrency that featured Elon Musk, Jack Dorsey, and Cathie Wood at Ark Invest's "The ₿ Word" conference.

It remains yet to be known how exactly were British Army's two social media accounts hijacked almost simultaneously, and if anyone has fallen victim to these scams.