Twitter users around the world were subjected to a series of hacks in which an individual or group posted tweets from people’s accounts using swastikas and hashtags that accused people in the Netherlands of being Nazis. Some profile photos were also changed. The hacked tweets were written in Turkish.
The widespread hack comes as tensions mount between the Netherlands and Turkey after Turkish ministers were barred from addressing rallies organized by Turks in the Netherlands, leading Turkish President Tayyip Erdogan to accuse the Dutch of “behaving like Nazis.”
Now, celebrities such as U.S. actress Sarah Shahi are paying the price for the spat across the pond, with this tweet showing up at the top of her account this morning.
The targets in the hacks weren’t just celebrities, however. UNICEF and Amnesty’s Twitter accounts were targeted, as was Forbes’, along with those of many social media and marketing professionals.
The root cause of the compromised accounts was a third-party application called Twitter Counter, which provides Twitter analytics such as usage, visitors, and followers. To use the service, people have to give Twitter Counter permission to access their Twitter account, including the ability to send tweets and change profile photos. Twitter Counter doesn’t store Twitter account credentials such as passwords, or payment information.
We're aware that our service was hacked and have started an investigation into the matter. We've already taken measures to contain such abuse
— TheCounter (@thecounter) March 15, 2017
Twitter Counter has said that it has now “blocked all ability to post tweets” and has changed its Twitter app key.
It hasn’t been a great few months for Twitter Counter — it was also compromised back in November, with countless celebrities and corporate accounts targeted as a result. It’s difficult to see how Twitter Counter can recover from this latest debacle.
Though this may serve as a timely reminder to be careful about which third-party services can access your Twitter account, it’s worth stressing here that today’s attacks aren’t the result of users’ personal bad security practices. Indeed, even renowned security expert Graham Cluley emerged from a flight to discover his account had been targeted.
Apologies for the Nazi spam. Hackers don't have my password, but did hijack my account (and other folks)
Revoke access to Twitter Counter.
— Graham Cluley (@gcluley) March 15, 2017
While there is no pressing need to change your Twitter password if you’ve been affected by this, it is highly recommended that you revoke access to Twitter Counter. And while you’re at it, it’s worth revoking access to any other third-party service you’ve connected to your Twitter account in the past that you no longer need, or whose purpose you can’t quite recall. You can do so in your Twitter account settings.
There has been a spate of high-profile Twitter account breaches in recent times. Hacking group OurMine has infiltrated accounts belonging to Netflix, Facebook cofounder and CEO Mark Zuckerberg, Google CEO Sundar Pichai, and — arguably the most notable — Twitter cofounder and CEO Jack Dorsey.