A diplomatic spat between Turkey, the Netherlands and Germany spread online on Wednesday when a large number of Twitter accounts were hijacked and replaced with anti-Nazi messages in Turkish.
The attacks, using the hashtags #Nazialmanya (NaziGermany) or #Nazihollanda (NaziHolland), took over accounts of high-profile CEOs, publishers, government agencies, politicians and also some ordinary Twitter users.
President Recep Tayyip Erdoğan has accused the German and Dutch governments of Nazi-style tactics, drawing protests from both countries, after Turkish government ministers were barred from addressing political rallies there to boost support for constitutional change referendum among expatriate Turks.
The account hijackings took place as the Dutch began voting on Wednesday in a parliamentary election that is seen as a test of anti-establishment and anti-immigrant sentiment.
"Politically motivated cyber-attacks in general thrive on making as large a media impact as possible and therefore it is expected to see these attacks whenever a political conflict escalates," FireEye cyber security analyst Jens Monrad said.
The hacked accounts featured tweets with Nazi symbols, a variety of hashtags and the phrase "See you on April 16", the date of a planned referendum in Turkey on switching to presidential system.
Twitter says it has revoked access to block "a third-party app" apparently used to hack a number of accounts to broadcast pro-Turkish messages.
It's not clear how many accounts were taken over late Tuesday but the targets appear to have been entirely random.
Among them were the accounts of the European Parliament and the personal profile of French conservative politician Alain Juppe.
They also included the UK Department of Health and BBC North America, along with the profile of Marcelo Claure, the chief executive of U.S. telecoms operator Sprint Corp.
Other accounts included publishing sites for Die Welt, Forbes and Reuters Japan and several non-profit agencies including Amnesty International and UNICEF USA, as well as Duke University in the United States.
The hijacked profiles were recovered, some more quickly than others. BBC North America tweeted: "Hi everyone - we temporarily lost control of this account, but normal service has resumed".
Neither Twitter nor Twitter Counter immediately provided a figure for the number of accounts affected. UNICEF, Duke, Amnesty, Starbucks and others did not immediately return messages seeking comment, although they and other high-profile accounts appear to have since returned to normal.
On Monday alone several hundred websites were hit at a single Dutch internet hosting provider, Versio, according to an employee who posted a message to the company's help forum.
The hackers who've claimed responsibility for the campaign have so far not returned messages from the AP.
Twitter Counter App
At least some of the hijacked tweets appear to have been delivered via Twitter Counter, a Netherlands-based Twitter audience analytics company. Twitter Counter Chief Executive Omer Ginor acknowledged via email that the service had been hacked.
"Preliminary findings are that our app, (along) with others, was used this morning to send Erdoğan-supporting and anti-Dutch messages on behalf of our users," Ginor said. He added: "We've already taken measures to contain such abuse," including suspending the posting of tweets via the Twitter Connect app.
The firm provides statistics to some 2 million Twitter users who link their profiles into the Twitter Connect app to track audience responses to their tweets. This connection appears to have been exploited in the attacks.
Twitter Counter also was the target of a hack attack in mid-November that led some Twitter accounts linked to the company's app to spew out spam tweets, including those of soccer star Lionel Messi and gaming sites Sony Playstation and Microsoft Xbox.
Ginor said the connections between the November attacks and the current ones were circumstantial, but there were similarities.
"Both attacks (had) similar effects and seemingly (the) same country of origin, as the November attackers were indeed operating from Turkey and the actions taken were benefiting Turkish properties and people," the Twitter Counter exec said.
Cyber protest stunts
Last Saturday, denial of service attacks staged by a Turkish hacking group hit the websites of Rotterdam airport and anti-Islam firebrand Geert Wilders, whose Freedom Party is vying to form to form the biggest party in the Dutch parliament.
A Turkish group known as Aslan Neferler Tim (Lion Soldiers Team) claimed responsibility.
The same group appears to have been responsible for temporary outages in August and September last year of the sites of Austrian institutions including the Vienna airport, the national parliament and Central Bank.
Those attacks occurred in the midst of a diplomatic row that followed Austria's calls for European Union accession talks with Turkey to be dropped.
Analyst Monrad said cyber-attacks have become a technically easy and increasingly common means of political score-settling.
"Ultimately, this trend will only get worse," he said. "Cyber threats don't move backward. If anything, the barrier to entry only becomes lower over time".
Please click to read our informative text prepared pursuant to the Law on the Protection of Personal Data No. 6698 and to get information about the cookies used on our website in accordance with the relevant legislation.
6698 sayılı Kişisel Verilerin Korunması Kanunu uyarınca hazırlanmış aydınlatma metnimizi okumak ve sitemizde ilgili mevzuata uygun olarak kullanılan çerezlerle ilgili bilgi almak için lütfen tıklayınız.