Posted on July 4, 2022 at 3:36 PM
A recent report reveals that a hacker compromised the YouTube and Twitter accounts of the British Army to promote crypto scams. According to the report, the Twitter account name was changed to “psssd” and the banner and profile pictures were altered to look like a nonfungible token collection known as “The Possessed.”
The changed account advised users about a “new verified SCAM account that impersonates a collection of NFTs.”
The account was later given another name, “Bapesclan”, which is the name of another collection of NFTs. This time, the hackers changed the banner and profile image to a cartoon ape wearing clown makeup. The threat actor started retweeting posts that promote NFT giveaway schemes. The idea is to deceive users in order to gain access to their NFT tokens. Investigation into the hacking activity is still ongoing, and Bapesclan did not immediately respond to questions about the incident.
The Name Of The UK Military Account Was Also Changed
According to the report, the UK Army YouTube name was also changed to “Ark Invest”, which is the name of the investment company of Bitcoin enthusiast Cathie Wood.
The hacker deleted all the videos in the account and added live streams of old video clips of discussions between Twitter co-founder Jack Dorsey and Elon Musk about Bitcoin. The conversation was hosted in July this year by Ark. The live stream also included text, which directed users to cryptocurrency scam websites. However, both social media accounts have been taken back and returned to the UK Army.
The UK’s Ministry of Defense tweeted shortly after the attack was discovered. The tweet noted that the breach of both social media accounts occurred on Sunday morning, but the issue has been resolved. However, the tweet added that the investigation into the incident is ongoing and more details will be provided as soon as additional information is available.
The tweet added that the UK Army takes information security very seriously and that it will comment further once its investigation into the incident is complete. The Twitter spokesperson noted that it would not be appropriate to comment on the incident while not everything about the issue is known.
All Account Holders Have Regained Access
The spokesperson stated that all account holders have regained access to their accounts, and all accounts are now operating fully.
British Conservative lawmaker Tobias Ellwood said the breach has been taken seriously. “I hope the results of the investigation and actions taken will be shared appropriately,” he added.
This is not the first time hackers have compromised a high-profile social media account to promote cryptocurrency scams. The Twitter accounts of President Joe Biden, Elon Musk, and several other popular figures were compromised and taken over to steal Bitcoin from several followers.
Twitter generally verifies accounts owned by journalists, politicians, celebrities, notable influencers, activists, and private and government organizations. Before the verified blue badge is assigned to an account holder, the user must apply for verification and submit documents that support the application, showing their account is popular.
It’s no mean feat to gain a blue badge, as it makes such an account appear more authentic and believable to Twitter users. This makes it very attractive to threat actors who are looking to scam victims. Because a verified Twitter account is popular and has lots of followers, the hackers will have more targets who would believe that promotions being run on the account are genuine.
Threat actors now prefer going through the hassle of breaching a verified Twitter account to run their fake promotions. They see it as more beneficial than using a less popular account to promote their schemes.
Hackers Target Verified Twitter Accounts
In May this year, both BleepingComputer and McAfee security researchers reported several such Elon Musk “Ark Invest” YouTube live streams. Before the end of the month, the threat actors responsible for the attacks had made off with $1.3 million after they restreamed an edited version of his discussion.
However, it’s not known how the threat actors were able to successfully hack into two of the main social media accounts of the British Army. The accounts were compromised almost at the same time, and it’s unclear whether anyone has fallen victim to the scams. The UK Army stated that any additional details will be provided once the investigation into the matter is complete.