Political tensions between Turkey and the Netherlands spilled over onto Twitter earlier today as a number of high-profile accounts were hacked, apparently through the third-party app Twitter Counter. During the attack, tweets featuring swastikas and Naxi references were posted to Twitter accounts for the BBC North America, Justin Bieber, the World Meteorological Organization and U.K. computer security expert Graham Cluley, among others.
After the hack, the Twitter Support account posted an update saying it had identified and resolved an issue "affecting a small number of users," adding that those affected account holders didn't need to take any further action.
The hacking incident appears related to recent hostilities that flared up over the weekend after Dutch officials barred two Turkish ministers from political campaigning in the Netherlands. Turkish President Recep Tayyip Erdogan fired back by accusing the Dutch of "Nazi tactics" and criticizing the country for not doing enough to prevent a 1995 massacre in the Bosnian city of Srebrenica.
Measures To 'Contain Abuse'
Early this morning, a number of Twitter accounts were hijacked long enough for the unidentified hackers to tweet messages in Turkish that included images of swastikas, a symbol used by Adolf Hitler's regime, and hashtag references to "Nazi Germany" and "Nazi Holland."
Cybersecurity expert Graham Cluley said he learned his Twitter account had been hacked upon arriving in Dubai after a flight from Kuwait City. When he turned on his phone, the first message he saw was from a British reporter seeking comment about the hacking.
In a blog post titled, "Sorry for the Nazi spam from my Twitter account," Cluley said his first thought was, "Uhh ... what?" He added, "My heart sank when I checked my Twitter timeline, as kindly preserved by the media."
Cluley said he was relieved to learn that the hack was through a third-party app, which told him "the hackers didn't have my Twitter password."
Twitter Counter, the Amsterdam-based third-party stats and marketing analytics app that was hacked, posted several tweets this morning to update users about the incident. The company said it had started an investigation into the attack and had also "taken measures to contain such abuse." In follow-up tweets, Twitter Counter noted that it had changed its Twitter app key and added that it did not store users' Twitter passwords or credit card information.
Check Your Apps Options, Bio & Avatar
This isn't the first time that Twitter Counter has found its service under attack. Another hack on Nov. 18 caused spam tweets to be sent out via the Twitter accounts of some high-profile users. That incident affected only a handful of its more than 2 million users, the company said in a Nov. 21 blog post. As of mid-morning, Twitter Counter's Web site is unavailable, with the message that it is "temporarily down for maintenance."
Twitter users who discover their accounts have been hijacked via third-party apps should first "delete the offending tweet" and then go into the "Settings" section of their Twitter accounts, Cluley advised. From there, users should select the "Apps" option and revoke access for any third-party apps they don't approve of or use anymore, he said.
"You may also want to check that your Twitter bio and avatar haven't been tampered with (mine hadn't) and that you haven't suspiciously started following lots more people," Cluley added.
While the parties responsible for today's Twitter hack haven't been identified, there has been a growing concern about politically motivated hacking by state actors and their supporters.
"Beyond influencing election results, a state sponsored attack may have direct intentions to further the policies and agendas of the state government," the darknet expert organization Owl Cybersecurity warned in a blog post last month. "Nation state sponsored hackers are one of the hacking community's biggest players."