Seemingly thousands of Twitter accounts were partially compromised earlier today and started tweeting pro-Turkish messages. The attack, which also targeted high-profile users like Amnesty International and the BBC, was made possible thanks to a third-party Twitter application.
Forbes, Duke University, Unicef and thousands of other Twitter accounts had their profile images changed to the Turkish flag and started sending messages of support for the authoritarian Turkish president. They also called German and Dutch people Nazis, hinting that this hack is related to the escalating diplomatic conflict between the Netherlands and Turkey.
Luckily, the Twitter accounts weren’t fully compromised. Instead, the attackers gained the ability to tweet from such high-profile users, by hacking Twitter Counter, a popular third-party social analytics tool. However, the Amsterdam-based company was quick to take action by disabling its app’s ability to tweet, and reassured users that it does not store Twitter credentials on its system.
For its part, Twitter acknowledged that some of its users were having problems and moved to address the situation.
Most affected accounts quickly re-established control and deleted the erroneous tweets. This isn’t the first time Twitter Counter was hacked in such a way, and this just goes to show that even secure accounts can be vulnerable through third-party services.