The British Army’s Twitter and Youtube accounts were hacked this weekend, apparently as part of a scheme to promote certain collections of NFTs (thanks, BBC (opens in new tab)). The Twitter feed as it was can be seen here (opens in new tab): the hackers essentially replaced all the images around the account, and began retweeting NFT-related schemes to the British Army’s approximately 365,000 followers. They also renamed the account ‘pssssd’ and later ‘Bapesclan’.
The Army’s Youtube account, on the other hand, hosted a bunch of fake crypto videos where the footage of Elon Musk is linked to a specific cryptopitch, to give the false impression that the billionaire Tesla founder (and crypto enthusiast) is linked to a given scheme .
These elements of the attack were followed by a more worrying turnaround when the account decided to play with geopolitics, declaring that Britain was at war with Pakistan.
This was obviously not something, but in a time of misinformation, it is far too easy to imagine how such things can be abused and persisted online, long after control of the account has been regained.
Shortly after the post in Pakistan, the account was restored to its rightful owners and the various posts from the hackers were removed. The Army confirmed the hack and posted the following: “Sorry for the temporary interruption in our feed. We will conduct a full investigation and learn from this incident. Thank you for following us and normal service will now resume.”
The British Ministry of Defense issued one of these ominous banal parts of bureaucratic language:
The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway. The military takes information security extremely seriously, and until the investigation is complete, it would be inappropriate to comment further.July 3, 2022
This type of scam, in which relatively high follow-up accounts are hacked to announce get-rich-quick cryptocurrencies, is becoming more common and has landed targets that are even higher profiled than the British Army: Kanye West has been hacked, as has Musk himself, and Bill Gates .
If I were a crypto bridge, and I am not, I simply would not hack the accounts of the organization responsible for SAS. But good luck with that I think.
The slogan of the British Army is Be The Best. Maybe in the future it will follow such advice, and come up with a stronger password than HerMajesty01.
