Third-Party Twitter Service Hacked to Push Out Nazi-Themed Tweets

Posted on March 15, 2017
FTC Says Identity Theft Victims Don't Always Need a Police Report
Attackers hacked a third-party service and used their unauthorized access to push out Nazi-themed tweets from high-profile Twitter accounts. On 14 March, prominent companies, publishers, and personalities tweeted out messages containing swastikas and the hashtags #NaziGermany and #NaziHollan written in Turkish. It's thought that supporters of Turkey sent out the tweets after the Netherlands' expelled two Turkish ministers from their consulates on 12 March. As reported by Yahoo! Finance, Turkey's President Recep Tayyip Erdoğan severed diplomatic ties with the Dutch government and accused it of acting like "Nazi remnants" in response. The tweets reference both Erdoğan's comments and 16 April, a date on which Turkish citizens will vote on whether to keep their current president in power until 2029. Richard Lawler of Engadget provides more information about the attack:
"Twitter accounts for Forbes and actress Sarah Shahi are among those affected, but so far we're not seeing any phishing activity. It's just the same tweet over and over again with a pro-Erdogan (the president of Turkey) message and YouTube video attached. One difference from last time is that instead of solely targeting high profile accounts, the people behind this attack are focusing on numbers, with hundreds of tweets flowing out every few minutes."
thecounterhack.png
At this time, it appears the tweets started flowing after unnamed actors hacked a service called Twitter Counter. Information security expert Graham Cluley, who discovered his account had also been affected, explains the third-party app helps track Twitter followers after gaining read and write access to a profile. These permissions allowed the hackers to publish tweets without first obtaining his password or bypassing Twitter's Login Verification feature he had set up on his account. Like Cluley, many victims of the third-party hack are now in recovery mode. https://twitter.com/blockchain/status/841933247449821184 https://twitter.com/amnesty/status/841943805892935680 Anyone who's been affected by the hack, of which Twitter Counter is aware, should delete the offending tweets and consider revoking access to the third-party app. Just to be safe, they should also enable Login Verification and make sure their Twitter accounts are protected with a strong password. For tips on how to create a strong combination, click here.
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!