14 DAY TRIAL // What are believed to be thousands of Twitter accounts have been hijacked to show support to president Recep Tayyip Erdogan. The pro-Turkey operation involves countless accounts, including several verified and high-profile users.
They have all posted the same Turkish-language tweets, alongside a Naxi swastika and the hashtags #Nazialmanya and #Nazihollanda, meaning #NaziGermany and #Nazi Holland, in relation to the recent tensions between Turkey and the targeted countries.
The messages make a reference to an upcoming event in Turkey, a referendum on constitutional changes that would put Recep Tayyip Erdogan in the presidential seat and leave him there for over a decade. In fact, to be more exact, he could very well hold his seat through 2029. The referendum will take place on April 16th.
As mentioned, the attack comes as tensions between Turkey and western European countries rise. The latest scandal involves the Netherlands, after the government decided to ban two Turkish ministers from speaking to expatriates in the Netherlands ahead of the referendum. Erdogan didn't shy away from accusing the Dutch government of acting like "Nazi remnants." Turkey took things a step further and suspended high-level diplomatic relations with the Netherlands.
Twitter Counter seems to be to blame
Several high profile accounts have been hijacked, including Amnesty International, Duke University, Reuters Japan, and BBC North America. At this point, it's unclear how the hack was performed, but some users are saying that all hijacked tweets appear to have been linked to Twitter Counter, which is an analytics app based in the Netherlands. This wouldn't be the first time this particular firm was targeted by hackers and it makes some kind of ironic sense that Turkish hackers would target a company in the Netherlands following the conflict between the countries.
Twitter Counter told the Verge that they've started an investigation into the matter. Before finding anything solid, however, they've already taken measures to contain such abuse on users' accounts by blocking all ability to post tweets using its system and changing the Twitter app key.
"It appears as if the Twitter accounts were compromised via a third party service called Twitter Counter. The incident illustrates the need for security throughout the supply chain. Users should be wary as to which services they allow access to write to their Twitter accounts. It can be all too easy to allow permissions and subsequently forget that they were ever granted. The specific danger that third parties present is that even if users have secured their account properly and enabled two-step authentication, it offers no protection," points out Javvad Malik, security advocate for AlienVault.
- Updated to include commentary from Javvad Malik.-