THOUSANDS OF TWITTER ACCOUNTS, many of which belong to high-profile names including Amnesty International and security blogger Graham Cluley, have been compromised by Turkish hackers.
The attack has used the accounts to them to tweet messages in Turkish accusing Germany and Holland of being Nazi regimes.
The attacks are almost certainly connected to the barring of the Turkish foreign minister Mevlut Cavusoglu from flying to Holland, and the prevention of Turkey's family minister, Fatma Betul Sayan Kaya speaking to Turkish supporters of President Recep Tayyip Erdogan at a rally in the Rotterdam.
After his ministers were barred, Erdogan cut diplomatic ties with the Dutch government and promised retaliation, branding Holland a "Nazi remnant".
A week before he had accused the German government of "Nazi practices" over its banning of rallies in the country intended to show support for his increasingly authoritarian government, which has arrested thousands of academics and opposition party supporters as well as imposing bans on the use of VPNs, Tor, Twitter, Facebook and YouTube.
The hacked Twitter accounts were used to broadcast messages in Turkish with the hashtags #Nazialmanya and #Nazihollanda.
The attackers seem to have taken a scattergun approach to their targets as most have no obvious relation to the incidents. They include the UK Department of Health and BBC North America, as well as the official account of Marcelo Claure, CEO of telecoms firm Sprint Corp.
Cluley believes the attack vector used was a third-party app called Twitter Counter: "Twitter Counter requests read *and* write access to your Twitter account, in order to do its jiggery-pokery counting your Twitter followers," he wrote on is blog
"I gave Twitter Counter access to my account in October 2014, and that clearly was a decision I now regret. Quite why it would need write access, unless it is planning its own self-promotion, I can't say. The fact that a third-party app was used means that the hackers didn't have my Twitter password. Phew!
"It also meant, however, that they didn't have to try to bypass Twitter's Login Verification feature in order to tweet from mine and thousands of other Twitter users' accounts."
If you have been affected, Cluley suggests deleting the offending tweets and revoking the app's access to your Twitter account.
Twitter Counter suffered a similar a hack in November 2016, which also affected high-profile accounts including those belonging to PlayStation, The New Yorker, Viacom and Xbox.µ
Welcome to the dystopia Black Mirror warned us about
Microsoft in 'more helpful' shock
A whole new way to be tied to your ISP
Search giant puts Epyc chips at the heart of its datacentre servers