Information Security Buzz: Twitter Accounts Tweet Swastikas And Pro-Erdoğan Support In Massive Hack

March 15, 2017 — Twitter Accounts Tweet Swastikas And Pro-Erdo?an Support In Massive Hack

 Thousands of Twitter accounts, including high profile ones belonging to users such as Forbes, Amnesty International, the BBC’s North American service, and tennis star Boris Becker were compromised on Wednesday morning, resulting in them tweeting propaganda related to Turkey’s escalating diplomatic conflict with Germany and the Netherlands. IT security experts from AlienVault, FireEye, Kaspersky Lab, ESET, Tenable Network Security, Positive Technologies, NuData Security, Proofpoint and Alert Logic commented below.

NuData’s Robert Capps comments.

Robert Capps, VP of business development at NuData Security: “Hacking the personal Twitter accounts of celebrities and brands for geopolitical advantage is a disturbing twist and escalation in cyber warfare. This hack appears to be coming from a zero-day vulnerability in a third-party app called Twitter Counter. Aside from the political message in this attack, we should be concerned about it because hacking Twitter accounts is akin to making a puppet out of the celebrity or affected brand. In the long term, I doubt these brands will experience much lasting harm if the situation is remedied quickly, but in the short term, the coverage that these attackers obtained by the hack is considerable. If Twitter were a country, it would be the 12th largest in the world with over 100 million users logging in daily, and continually growing. The size of its membership and its capacity as a live media source of information make it an attractive and vulnerable target for account takeovers. By hijacking accounts, bad actors have access the audiences of celebrities and brands with thousands of followers, and can also leverage hashtags and lists to push that reach further. It’s a reminder for everyone to use unique strong passwords on every site, and consider using a password manager like 1Password or LastPass for easy generation of strong, unique passwords, as well as storage and encryption of these passwords.”
For the complete article, go here.