British Army's Twitter and YouTube accounts hijacked to promote crypto scams

However, everything was back to normal on both accounts by Sunday night

The British Army regained control of its Twitter and YouTube accounts on Sunday after they were briefly compromised and used to promote scams on cryptocurrencies and non-fungible tokens (NFTs).

The organisation acknowledged the "breach" and said that it was looking into the incident.

"We are aware of a breach of the Army's Twitter and YouTube accounts and an investigation is underway," the Ministry of Defence said in a tweet.

"The Army takes information security extremely seriously and is resolving the issue. Until their investigation is complete it would be inappropriate to comment further."

A post on the @BritishArmy Twitter handle said: "Apologies for the temporary interruption to our feed. We will conduct a full investigation and learn from this incident. Thanks for following us and normal service will now resume."

Earlier on Sunday, the Army's Twitter account appeared to have been compromised, featuring a profile photo that resembled a cartoon monkey with face paint, and also showing the moniker "BAPESCAN" instead of British Army.

According to the Guardian, the description of the account was also changed.

Instead of showing the original description, "Follow us for news and information on deployments, training exercises, ceremonial duties & regimental events. Recruiting @armyjobs" the account showed "#1 metavesto clan on the ETH chain with multi-billion dollar experience. Powered by @chaintchlabs".

The modifications were made to give the impression that the account was related to the 'The Possessed' NFT collection.

It was used to retweet several posts about NFTs (non-fungible tokens), which are one-of-a-kind digital files that serve as proof of ownership for virtual items like electronic artwork and cannot be replicated.

The name and logo of the British army's YouTube channel was also reported to have been replaced with an account named Ark Invest.

The hackers deleted all of its videos, as well as changed the name and profile picture of the channel to resemble that of legit investment firm Ark Invest.

A number of old livestreams showing former Twitter CEO Jack Dorsey and Tesla CEO Elon Musk were posted by hackers. Most of the videos uploaded were related to cryptocurrency.

There is no evidence that Ark Invest, a large international investment company, had any involvement in the incident. By Sunday night, everything was back to normal on both accounts.

It is unclear who was responsible for the hack.

The hacking of military information has been a characteristic of the conflict in Ukraine. In early April, the hacker collective Anonymous claimed to have disclosed the personal information of 120,000 Russian troops fighting in Ukraine.

Currently, British Army's YouTube channel has about 177,000 subscribers, while its Twitter account has 362,000 followers.

Tobias Ellwood, a Conservative lawmaker, said the incident "looks serious."

"I hope the results of the investigation and actions taken will be shared appropriately," the chair of the House of Commons Defence Select Committee.

This is not the first instance of a data breach at the British Army.

In April, it was discovered that the computerised, Capita-run Defence Recruitment System (DRS) for the British Army had been shut down as a precautionary measures since mid-March after information pertaining to more than 100 applicants was found for sale on the dark web.

It was unclear if there had been a hack or whether someone had printed or grabbed a screenshot.

Last year, the MoD disclosed in its annual report that data loss incidents hitting the Ministry in 2019-20 increased by 18 per cent compared to the previous year.

Most of the breaches pertained to the inadequate storage of devices, electronic equipment and documents, according to think tank Parliament Street.