Thousands of Twitter accounts including those belonging to Forbes and Amnesty International seemed to have been compromised this morning after followers noticed the accounts posting suspicious tweets containing the swastika symbol.
The tweets also contained the Turkish flag icon, the hashtags #Nazialmanya (meaning Nazi Germany) and #Nazihollanda (meaning Nazi Holland) as well as a link to a YouTube video
Other accounts to have been infected include Duke University and online security expert Graham Cluley, as well as the Twitter accounts belonging to celebrities, sports stars and other large organisations.
But what happened?
The hack appeared to have targeted a vulnerability in a popular Twitter app called Twitter Counter, an app that provides “actionable stats” on your Twitter engagement. The security vulnerability in that third party app afforded cyber crooks permission to post tweets on any Twitter account that had the app installed.
The app, like many others, requested both READ and WRITE access to a Twitter account when you install it. Any app that requests these permissions could potentially be used by cyber crooks to post spammy tweets from accounts should a vulnerability be found.
Third party apps are often seen as a potential “chink in the armour” for social media websites, since their security may not always be up to speed when compared to the social media sites they operate on. A poorly coded third party app essentially provides criminals with a way to bypass the securely locked door to our social media accounts.
It doesn’t appear the security of any Twitter accounts have been directly compromised in the hack, so if you were affected, there should be no need to change your password (but by all means do if you are so inclined.)
With that said, if you do use the Twitter Counter app, you should disable it for the time being. To do that, go to your Settings section and click Apps, locate the app listed and disable it.
The spammy tweets themselves seem to be in reference to increasingly poor relations between Turkey and the Netherlands after Turkish ministers were stopped from speaking at rallies by Dutch officials. A Turkish election next month will decide if President Erdogan will get more powers.