British Army regains control of hacked Twitter and YouTube accounts

4 Jul 2022


The British Army social media accounts were used to post about NFTs and cryptocurrencies.

The British Army has confirmed it is conducting an investigation after its Twitter and YouTube accounts were hacked yesterday (3 July).

During the hack, the accounts were used to share posts about cryptocurrencies and NFTs.

The army’s Twitter account name, profile picture, cover photo and bio were all changed to make it look like it was associated with an NFT collection, The Verge reported. The account reportedly linked users to a fake NFT minting website.

The army’s YouTube channel, meanwhile, was renamed to Ark Invest, The Guardian reported. The account appeared to promote an interview with Tesla founder Elon Musk about cryptocurrency.

The Guardian also said the army’s Twitter profile was changed at one point to have the name Bapescan, with an ape-like cartoon profile picture.

The accounts appear to be back under control. The British Army tweeted at 9pm last night that “normal service will now resume” and that it will “learn from this incident”.

The UK’s ministry of defence press office tweeted more than an hour later that the breach had been resolved and that an investigation is underway.

“The army takes information security extremely seriously and until their investigation is complete it would be inappropriate to comment further,” the ministry said.

It is currently unclear who was behind the hack, but it is not the first time a high-profile account has been targeted on Twitter.

In 2020, a major hack managed to collect $116,000 worth of bitcoin after breaching the Twitter accounts of celebrities and tricking followers into sending cryptocurrency payments. The targeted accounts included Elon Musk, Bill Gates, Jeff Bezos, Mike Bloomberg, Joe Biden and Kanye West.

The ‘aftermath’ of attacks

A number of UK MPs took to Twitter to share their views on the breach, with Tobias Ellwood saying the hack “looks serious” while Michael Fabricant referred to it as “embarrassing”.

While the hack may not be the work of another nation, Jamie Moles, senior technical manager at cybersecurity provider ExtraHop, said nation-state attacks happen “constantly”, with countries such as Russia, China and North Korea testing network boundaries.

“Interestingly enough, attacks don’t even have to be fully successful to cause damage,” Moles said. “All hackers need to do is initiate an attack and get the word out.”

Moles said the public doesn’t see behind the scenes and only witnesses the “aftermath” of attacks, which can manifest in various ways.

He added that there are signs that everyone should look out for, such as changes to company network speeds, higher traffic or a device with lower credentials trying to access a high-ranking device or document.

“Failing to prepare for such an attack means responding in panic mode, which rarely – if ever – ends well.”

In April of this year, cybersecurity authorities from nations in the Five Eyes intelligence alliance issued a warning about the threat of Russian state-sponsored cyberattacks on critical infrastructure systems.

Microsoft said in a report last month that it detected Russian “network intrusion efforts” on 128 organisations in 42 countries outside Ukraine. The report suggested that Russian intelligence agencies have “stepped up network penetration and espionage activities” against Ukraine’s allies.


Leigh Mc Gowran is a journalist with Silicon Republic
