Scammers recently targeted the Bored Ape Yacht Club, a highly valued NFT collection. They made off with millions of dollars worth of digital goods after unaware owners clicked on phishing links released via one of the collection’s hacked management accounts. (1)
The Hacked Accounts:
The name of the Twitter account was frequently altered, and new profile images were uploaded that included a robot and an ape wearing makeup resembling that of the Batman villain The Joker.
Posts from the account pushed followers to enter contests, with winners chosen randomly to get NFTs or blockchain-stored digital artworks.
A cartoon monkey was used as one of the profile pictures, while hackers repeatedly changed the name of the British Army’s Twitter account. Posts and retweets from the account encouraged the 362,500 British Army Twitter followers to participate in contests where the randomly chosen winners would receive non-fungible tokens (NFTs). (2)
A tweet posted on the official account said: “Apologies for the temporary interruption to our feed. We will conduct a full investigation and learn from this incident.
The YouTube account of the British Army was also hacked, and it was replaced with one called Ark Invest, which advertised several live broadcasts ostensibly showing an interview with Tesla inventor Elon Musk discussing cryptocurrencies.
So who are the Scammers?
Although the group responsible for the cyberattacks is not yet identified, the humiliating breach causes the military to seriously question their security procedures and raises the possibility that other social media accounts may also be in danger.
“We can confirm that earlier today, there was a breach of the Army’s Twitter and YouTube accounts, and an investigation is underway. The Army takes information security extremely seriously and is resolving the issue. Until their investigation is complete, it would be inappropriate to comment further,” the Ministry further posted.
Uncertainty surrounds the involvement of the international investment company Ark Invest in the cyberattack.
An email and website comment request was sent to the corporation, but there was no quick response. A Twitter spokesperson later said that the British Army’s account has since been locked and secured, the account holders have now regained access, and the account is back up and running”.(3)