Threat actors compromised British Army ’s Twitter, YouTube accounts to promote crypto scams

Threat actors compromised the Twitter and YouTube accounts of the British Army to promote online crypto scams.

The Twitter and YouTube accounts of the British Army were used to promote NFT and other crypto scams. The YouTube account was used to transmit an older Elon Musk clip that attempts to trick users into visiting cryptocurrency scam sites.

The attackers hijacked the verified Twitter account of the British Army, changed the profile images, and renamed it to ‘pssssd.’

After the UK’s Ministry of Defence regained control of its accounts launched an investigation into the incident and apologized for the security breach.

At this time it is not clear how the attackers compromised the accounts simultaneously or if they were protected with two-factor authentication. In the latter case, threat actors could have obtained access to the account through SIM swapping attacks.

At this time it is not clear how the attackers compromised the accounts simultaneously or if they were protected with two-factor authentication. In the latter case, threat actors could have obtained access to the account through SIM swapping attacks. It is still unclear if someone has fallen victim to these scams proposed through the hacked accounts.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, British Army)

[adrotate banner=”5″]

[adrotate banner=”13″]