The British army’s Twitter and YouTube accounts were compromised by a malicious third party on Sunday and used to direct visitors to cryptocurrency scams.
The Ministry of Defence (MoD) press office account took to Twitter at around 7pm local time to report the incident.
“We are aware of a breach of the army’s Twitter and YouTube accounts and an investigation is underway,” it said. “The army takes information security extremely seriously and is resolving the issue. Until their investigation is complete it would be inappropriate to comment further.”
It wasn’t until four hours later that an update claimed the issue had been resolved.
Although only Twitter and YouTube were mentioned in the posts, other reports claimed the army’s Facebook account was also compromised.
They revealed that the hackers posted multiple promotional links to various crypto and NFT scams, including a likely phishing link to a fake mint of The Possessed NFT collection.
On YouTube, the hackers rebranded the entire account to resemble investment firm Ark Invest, posting live stream videos featuring celebs like Elon Musk and Jack Dorsey.
In a classic crypto scam, the videos were used to promote QR codes for viewers to send their crypto to, with claims that doing so would result in them receiving double their investment back, according to reports.
All such content now appears to have been scrubbed by the MoD.
Just last week, high street bank Santander warned of a predicted 87% year-on-year increase in celebrity-endorsed cryptocurrency scams in the UK in 2022.
It reported a 61% increase in the cases it dealt with between Q4 2021 and Q1 2022, with the average cost of these scams increasing 65% year-on-year in the first quarter to reach £11,872.
Separate research from last November found that YouTube Live scams, including fake crypto giveaways, made fraudsters almost $9m in October alone.