Twitter Counter allowed the hacking of thousands of Twitter accounts


Thousands of Twitter accounts were recently compromised following a hack.

The hack reportedly took hold of several high-profile accounts, which the cyber-attackers then used to tweet all sorts of strange propaganda messages. The affected high-profile Twitter accounts include Forbes, the European Parliament, Amnesty International, and the BBC’s North American service.

Following the hack, Forbes’ cover photo was changed to the Turkish flag, and Amnesty International’s account tweeted propaganda messages comparing the Dutch to the Nazis, tagged #NaziGermany and #NaziNetherlands. This is thought to be retaliation for the diplomatic row between the Turkish and Dutch governments, triggered when the Netherlands refused to let the Turkish foreign minister’s airplane land ahead of a rally for Turkey’s referendum campaign.

The tweets also included the date 16th April 2017, when Turkey was due to hold a referendum on whether to grant further powers to its president.

Third-party app responsible

Twitter Counter, an Amsterdam-based analytics service that provides Twitter usage statistics to its users, is thought to be the app through which the mass hijacking took place, and some argue that it was targeted purely for political symbolism.

Twitter Counter’s CEO, Omer Ginor, was alerted right away and told the Guardian that:

“…we are aware of the situation and have started an investigation into the matter.”

Mr Ginor went on to say that the company had already taken measures to contain such abuse of its users’ accounts: it blocked all ability to post tweets through Twitter Counter and changed (rotated) its Twitter app key, so that requests signed with the old key are no longer valid.

Twitter’s response

Following the hack on 15th March, Twitter said that it was “aware of an issue affecting a number of account holders this morning”, and reassured those account holders that its teams were working “at pace and taking direct action on this issue”. Twitter said it had located the source of the hack and removed its permissions immediately.

To protect its users, Twitter also blocked the Twitter Counter app. Mr Ginor, for his part, said that if the abuse carried on after his company’s measures, it would point to the attackers having another route in:

“If this activity continues, then we strongly believe it’s not just through us.”

Cybersecurity vulnerabilities

According to the Guardian, the attackers got in through Twitter’s “third party permissions” process. When a user links a service to Twitter, the service is issued a token that lets it take actions on the user’s behalf. These permissions are wide-ranging: they can be limited to reading tweets, or extend to full read-and-write control over the linked account. Twitter Counter held such tokens for each of its users, so when its service was compromised the cyber-attackers could abuse those permissions across every linked account with ease, without knowing a single password.

Cybersecurity researcher David Emm noted that this is a clear example of a third-party provider’s security weaknesses cascading onto Twitter and its users.

Mr Emm warned users about the permissions they grant when installing apps:

“It is critical that people understand the permissions agreed.”

The hope is that users will reconsider the permissions they grant and so reduce the exposure of their accounts.

Deny permissions

If you’re unsure which services you’ve granted access to your Twitter account, you can review them under ‘Settings and Privacy’. Removing permissions from apps and services you no longer use or trust will limit the damage if one of them is compromised in future. The same advice applies to every other social network you use, including Facebook.
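As an added illustration, not part of the original article and not Twitter’s or Twitter Counter’s code: the model below shows why a compromised third-party app exposes every account linked to it, and why each containment step mentioned above (the vendor changing its app key, Twitter blocking the app, and users removing it under ‘Settings and Privacy’) stops the abuse. Twitter’s user-context API used OAuth 1.0a, in which every request is signed with HMAC-SHA1 keyed by the app’s secret together with the user’s token secret; the signing code follows RFC 5849, while the TokenService class, the credentials, the fixed nonce and timestamp, and the scope names are constructed sample values.

```python
# Constructed example: TokenService stands in for the platform side and is not
# Twitter's code; all credentials below are sample values, not real ones.
import base64
import hashlib
import hmac
from urllib.parse import quote

URL = "https://api.twitter.com/1.1/statuses/update.json"
APP_KEY = "xvz1evFS4wEEPTGEFPHBog"                            # sample consumer key
APP_SECRET = "kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw"    # sample consumer secret
TOKEN = "370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb"  # sample user access token
TOKEN_SECRET = "LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE"    # sample token secret


def pct(value):
    """RFC 5849 percent-encoding: only A-Z a-z 0-9 - . _ ~ stay unencoded."""
    return quote(str(value), safe="")


def signature_base_string(method, url, params):
    """METHOD&url&params: keys/values encoded, sorted, joined, then the whole
    parameter string encoded a second time (hence the %25 sequences)."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalised = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalised)])


def sign(method, url, params, consumer_secret, token_secret):
    """HMAC-SHA1 over the base string, keyed with 'app secret & token secret'."""
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, signature_base_string(method, url, params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()


class TokenService:
    """Platform side: registered apps and the per-user tokens each app holds."""

    def __init__(self):
        self.apps = {}    # consumer_key -> {"secret": str, "suspended": bool}
        self.tokens = {}  # oauth_token -> {"app": consumer_key, "secret": str, "scope": set}

    def register_app(self, key, secret):
        self.apps[key] = {"secret": secret, "suspended": False}

    def grant(self, token, secret, app_key, scope):
        self.tokens[token] = {"app": app_key, "secret": secret, "scope": set(scope)}

    def rotate_app_secret(self, app_key, new_secret):
        self.apps[app_key]["secret"] = new_secret

    def suspend_app(self, app_key, suspended=True):
        self.apps[app_key]["suspended"] = suspended

    def revoke(self, token):
        self.tokens.pop(token, None)

    def verify(self, method, url, params, signature, needs_write):
        """Return 'accepted' or a 'rejected: ...' reason for one signed request."""
        token = self.tokens.get(params.get("oauth_token"))
        if token is None:
            return "rejected: token revoked or unknown"
        app = self.apps.get(params.get("oauth_consumer_key"))
        if app is None or app["suspended"] or token["app"] != params["oauth_consumer_key"]:
            return "rejected: app suspended or token not issued to this app"
        expected = sign(method, url, params, app["secret"], token["secret"])
        if not hmac.compare_digest(expected, signature):
            return "rejected: bad signature (app secret rotated?)"
        if needs_write and "write" not in token["scope"]:
            return "rejected: token is read-only"
        return "accepted"


def tweet_params(status):
    """Parameters of a POST statuses/update call (nonce and timestamp fixed for the demo)."""
    return {"include_entities": "true", "oauth_consumer_key": APP_KEY,
            "oauth_nonce": "kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
            "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": "1318622958",
            "oauth_token": TOKEN, "oauth_version": "1.0", "status": status}


def scenario():
    """Abuse with a vendor's leaked credentials, then each containment step in turn."""
    svc = TokenService()
    svc.register_app(APP_KEY, APP_SECRET)
    svc.grant(TOKEN, TOKEN_SECRET, APP_KEY, {"read", "write"})
    params = tweet_params("Hello Ladies + Gentlemen, a signed OAuth request!")
    # Whoever holds the app secret plus its stored user tokens can post as every linked user.
    stolen = sign("POST", URL, params, APP_SECRET, TOKEN_SECRET)
    out = {"stolen credentials": svc.verify("POST", URL, params, stolen, True)}
    # Vendor changes its app key: signatures made with the old secret no longer verify.
    svc.rotate_app_secret(APP_KEY, "rotated-secret")
    out["after app secret rotation"] = svc.verify("POST", URL, params, stolen, True)
    # Platform blocks the app outright.
    svc.suspend_app(APP_KEY)
    out["after platform block"] = svc.verify("POST", URL, params, stolen, True)
    # User removes the app under Settings and Privacy: its token no longer exists.
    svc.revoke(TOKEN)
    out["after user revocation"] = svc.verify("POST", URL, params, stolen, True)
    # Least privilege: a read-only grant could never have posted in the first place.
    svc.suspend_app(APP_KEY, suspended=False)
    svc.grant(TOKEN, TOKEN_SECRET, APP_KEY, {"read"})
    fresh = sign("POST", URL, params, "rotated-secret", TOKEN_SECRET)
    out["read-only grant"] = svc.verify("POST", URL, params, fresh, True)
    return out


if __name__ == "__main__":
    for stage, verdict in scenario().items():
        print(f"{stage:28} -> {verdict}")
```

The first verdict is the incident itself: no password is involved, so the victims’ own credentials are irrelevant once the app’s secret and stored tokens leak. Rotating the app secret invalidates every request signed with the old one at a stroke, which is why it is the fastest containment a vendor can perform, while revocation by the user and a read-only grant are the controls that stay in the user’s own hands.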

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
