2 min read

Official British Army Twitter and YouTube accounts hijacked by NFT scammers

Graham CLULEY

July 04, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Official British Army Twitter and YouTube accounts hijacked by NFT scammers

Hundreds of thousands of people who follow the official social media accounts of the British Army may have been surprised to see that it had been hijacked by hackers yesterday.

Although many might have imagined those responsible for the hack might have been a foreign state's cyberwarfare unit, the perpetrators appear to have been scammers exploiting interest in non-fungible tokens (NFTs).

The British Army's verified Twitter account was flooded with promotions related to giveaways and competitions related to NFTs, aimed at enticing its 362,000 followers to visit a scam minting website.

Unwary followers were told that they could win hyped-up NFT digital artworks of cartoon robots and robots in a raffle.  At the same time the profile pictures and account details were changed to promote the NFT promotion.

Meanwhile, the army's YouTube channel, with some 178,000 subscribers, was rebranded to resemble that of investment management firm ARK Invest, and published faked videos of Elon Musk promoting "double your money" cryptocurrency scams.

A spokesperson for the British Army confirmed on Twitter that they were back in control of their social media accounts, and that the security breach was being investigated:

"The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway.  The Army takes information security extremely seriously and until their investigation is complete it would be inappropriate to comment further."

Although an explanation for the social media security breach has not been shared publicly, likely possibilities include that someone in the British Army's social media team has been careless with their password and/or that multi-factor authentication was not in place to make it harder for unauthorised users to gain access.

In the past there have been many incidents of, say, Twitter accounts being hijacked by mischief-makers and scammers after passwords were either guessed or phished.  In many cases, organisations and individuals have made the mistake of reusing passwords they use elsewhere on the internet, choosing weak or easy-to-guess passwords, or carelessly sharing them online.

It's also sadly still common for social media users to have not enabled two-factor authentication on their accounts, which can make it much more difficult for hackers to gain access even if they do manage to determine an account's password.  Instructions for how to enable 2FA on Twitter and YouTube accounts are, one hopes, now being shared within the British Army to anyone who hasn't yet enabled these and similar security features.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

New Chromebook Exploit Lets Users Unenroll Managed Devices New Chromebook Exploit Lets Users Unenroll Managed Devices
Vlad CONSTANTINESCU

February 02, 2023

1 min read
BBB Warns Social Security Beneficiaries of Cost of Living Adjustment Scams BBB Warns Social Security Beneficiaries of Cost of Living Adjustment Scams
Alina BÎZGĂ

February 01, 2023

2 min read
Planet Ice hacked! 240,000 skating fans' details stolen Planet Ice hacked! 240,000 skating fans' details stolen
Graham CLULEY

January 31, 2023

2 min read