A significant Twitter breach has occurred, affecting a myriad of accounts belonging to various high-profile entities, including media organizations, celebrities, and institutions like the European Parliament, Forbes, and UNICEF. The attack unfolded early Wednesday morning and involved the dissemination of a troubling spam message in Turkish, equating the Dutch with Nazi Germany, complete with Swastikas and hashtags such as #NaziHollanda and #Nazialmanya. Moreover, the hackers replaced the profile pictures of some victims with images of the Turkish flag and the Ottoman Empire’s coat of arms.
These compromised accounts also propagated a link directing users to a YouTube video alongside the Twitter handle of a user identified as “Sebo”. Reports suggest that this unauthorized activity can be traced back to a vulnerability in the third-party application known as Twitter Counter, which offers analytics and tracking services for Twitter users.
In response to the incident, Twitter Counter acknowledged the breach on their official Twitter account, stating, “We’re aware that our service was hacked and have started an investigation into the matter. We’ve already taken measures to contain such abuse.” The organization clarified that no Twitter account credentials or sensitive payment information had been compromised, emphasizing their policy of not storing such data from users.
As Twitter Counter works to rectify the situation, the company has taken proactive steps, including blocking all operational capabilities to post tweets through their system and modifying their app key to prevent further misuse. Although several affected accounts are regaining control, remnants of the hackers’ activities remain visible in the form of embarrassing tweets.
Forbes appears to have regained access to their Twitter presence but is still in the process of restoration. Some accounts, including that of Forbes, still have outdated avatars, indicating the task is not fully completed. The implications of such an attack are significant, as it raises concerns about the vulnerabilities inherent in third-party applications used by organizations worldwide.
To mitigate risks associated with such attacks, users are advised to revoke access for the Twitter Counter app and any other unrelated third-party applications. This breach underscores the importance of implementing robust security protocols, including enabling two-factor authentication for accounts. Such measures are essential to safeguard against unauthorized access in the future, especially given varying tactics and techniques that adversaries may employ, particularly initial access and privilege escalation as outlined in the MITRE ATT&CK framework.
As this situation evolves, business owners and tech professionals should remain vigilant regarding their cybersecurity strategies, ensuring they are well-informed about potential threats and proactive in their response mechanisms.