The British Army is investigating after its Twitter and YouTube accounts were hijacked

The British Army is investigating after its Twitter and YouTube accounts were both breached.

On July 3, as reported by the BBC, Army accounts were taken over and used to promote NFT and cryptocurrency schemes. This included YouTube videos posted with the image of entrepreneur Elon Musk.

Security

Cyber security 101: Protect your privacy from hackers, spies, and the government

Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy.

Read now

The British Army's YouTube account name was changed. Screenshots also appeared to show the Army's Twitter account, its name changed, retweeting promotions for NFT projects, complete with images of a cartoon monkey.

SEE: These hackers are spreading ransomware as a distraction - to hide their cyber spying

NFTs are digital assets, including image files, that may represent real-world items. Transactions are recorded on the blockchain.

A capture of the British Army's Twitter account also shows the page was changed to promote NFTs. 

It is unknown who is behind the intrusion.

The British Army confirmed the security incident and apologized "for the temporary interruption to our feed" on Sunday night.

"The breach of the Army's Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway," the Ministry of Defence said. "The Army takes information security extremely seriously and until their investigation is complete it would be inappropriate to comment further."

The accounts have now been restored.

In July 2020, verified Twitter accounts belonging to high-profile individuals and companies, including Elon Musk, Bill Gates, Joe Biden, Kanye West and Apple, were taken over and used to promote a cryptocurrency scam. While the security incident was contained quickly, it wasn't quick enough in that case to stop hundreds of thousands of dollars from being sent fraudulently to the perpetrator's wallet.

While it is not known how the British Army hack took place, Jake Moore, global cyber security advisor at ESET, said the potential causes were the use of profile sharing among multiple admins, risky outsourcing, and a failure to update passwords regularly.

"It can be extremely damaging for organizations and brands when their social media accounts are hacked, so it is vital that all social media admins are using multi-factor authentication and they change the password when anyone who knows it leaves," Moore said. 

Previous and related coverage

• This new malware is at the heart of the ransomware ecosystem
  
• Dragonbridge influencers targets rare earth miners, encourages protests to disrupt production
  
• Google details commercial spyware that targets both Android and iOS devices
  

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Security

Do you need antivirus on Linux?

6 ways to protect yourself from getting scammed online, by phone, or IRL

The best VPN free trials for 2024

8 habits of highly secure remote workers

How to find and remove spyware from your phone

• Do you need antivirus on Linux?
• 6 ways to protect yourself from getting scammed online, by phone, or IRL
• The best VPN free trials for 2024
• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone