Attackers hacked a third-party service and used their unauthorized access to push out Nazi-themed tweets from high-profile Twitter accounts.
On 14 March, prominent companies, publishers, and personalities tweeted out messages containing swastikas and the hashtags #NaziGermany and #NaziHollan written in Turkish. It’s thought that supporters of Turkey sent out the tweets after the Netherlands expelled two Turkish ministers from their consulates on 12 March.
As reported by Yahoo! Finance, Turkey’s President Recep Tayyip Erdoğan severed diplomatic ties with the Dutch government and accused it of acting like “Nazi remnants” in response. The tweets reference both Erdoğan’s comments and 16 April, a date on which Turkish citizens will vote on whether to keep their current president in power until 2029.
Richard Lawler of Engadget provides more information about the attack:
“Twitter accounts for Forbes and actress Sarah Shahi are among those affected, but so far we’re not seeing any phishing activity. It’s just the same tweet over and over again with a pro-Erdogan (the president of Turkey) message and YouTube video attached. One difference from last time is that instead of solely targeting high profile accounts, the people behind this attack are focusing on numbers, with hundreds of tweets flowing out every few minutes.”
At this time, it appears the tweets started flowing after unnamed actors hacked a service called Twitter Counter. Information security expert Graham Cluley, who discovered his account had also been affected, explains that the third-party app helps track Twitter followers once it has been granted read and write access to a profile. These permissions allowed the hackers to publish tweets without first obtaining his password or bypassing the Login Verification feature he had set up on his Twitter account.
Like Cluley, many victims of the third-party hack are now in recovery mode.
We (alongside many other sites) are working to regain complete access to our twitter acct. Sorry for the confusion. Should be restored soon.
— Blockchain (@blockchain) March 15, 2017
Earlier this morning our Twitter account was hacked. We've now deleted the hacked tweet and investigating what happened. Apologies & thanks
— AmnestyInternational (@amnesty) March 15, 2017
Anyone who’s been affected by the hack, of which Twitter Counter is aware, should delete the offending tweets and consider revoking access to the third-party app. Just to be safe, they should also enable Login Verification and make sure their Twitter accounts are protected with a strong password.