Sorry for the Nazi spam from my Twitter account

Graham Cluley


As I stepped off my plane to Dubai from Kuwait City this morning I did the same thing as just about everyone else.

I turned on my phone.

And what greeted me was a message from a British newspaper journalist asking me to comment on my Twitter account being hacked.

Uhh... what?

And then I saw that I had a whole bunch of emails, direct messages and even a voicemail someone left for me back in my UK office (I have a neat system whereby landline voicemails get automagically transcribed into an email and sent to my mobile as an MP3 attachment) warning of the same thing.

Crikey! Could it be true?

My heart sank when I checked my Twitter timeline, as kindly preserved by the media:

[Image: Twitter spam]

Some people on Twitter speculated that maybe I had clicked on a dodgy link, or foolishly not followed my own advice to ensure that Login Verifications was enabled on my account.

But no, I hadn’t clicked on any dodgy links (I’d been up in a plane with no data!), and of course I protect every online account I can with two-factor authentication or two-step verification.

So what happened?

Thankfully others had done their detective work while I was listening to podcasts at 30,000 feet. The message had been sent from my account (and many others) via a third-party service called Twitter Counter.

Twitter Counter requests read *and* write access to your Twitter account, in order to do its jiggery pokery counting your Twitter followers. I gave Twitter Counter access to my account in October 2014, and that clearly was a decision I now regret. Quite why it would need write access, unless it is planning its own self-promotion, I can’t say.

The fact that a third-party service was used means that the hackers didn’t have my Twitter password. Phew! It also meant, however, that they didn’t have to try to bypass Twitter’s Login Verification feature in order to tweet from mine and thousands of other Twitter users’ accounts.

What should you do if you had your Twitter account hijacked in this way?

Delete the offending tweet, and revoke the offending third-party service’s access to your Twitter account.

[Image: Revoke access]

Go to Settings / Apps and choose the option to revoke “Twitter Counter”’s access to your account.

It makes sense to go through the list of any other third-party apps you have there, and also remove any which you don’t recognise, don’t trust any longer, or simply don’t have any use for anymore.

You may also want to check that your Twitter bio and avatar haven’t been tampered with (mine hadn’t) and that you haven’t suspiciously started following lots more people.

Be sure to read our further tips on how to protect your Twitter account.

By the way, it’s awesome just how many folks contacted me to let me know that my account had sent the Nazi spam. What a great community.

Now, if you’ll excuse me, I have to board another plane.

I’d really appreciate it if the internet behaved itself while I’m offline.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

10 Replies to “Sorry for the Nazi spam from my Twitter account”

    1. He may not be but his other half (assuming he has one) isn't necessarily going to be away too. And I imagine Graham has a good intruder alarm along with door locks, security lighting, internal timers, windows locked etc.

      As long as he's not using a Bluetooth door lock then he should be okay.

  1. In fact, this is no Nazi spam. It is the Turkish rage about the ban of Turkish politicians to make election campaigns in Germany and the Netherlands. The Turks use the hashtags nazi-germany and nazi-netherlands.

  2. I used to have the same thing happen with my FB account. Several times a month an unknown entity sent out to all our church's followers from my FB page – horrible perverted videos. My login was also changed so that I couldn't access my account. FB of course is never any help – they could care less.

    Finally I moved my FB to Safari and I conduct everything FB from that browser. Since then I've not had one problem.

  3. Perhaps Donald Trump hacked your account. You've been buying into all the other #FakeNews that's being published by the leftist media after all.

    1. You are incredibly out of touch with reality. Twitter is the greatest innovation of the modern age. Even if the internet had not been invented, Twitter would still have prevailed in paper form. Without Twitter, there would have been no Arab Spring; no cure for Fibrodysplasia Ossificans Progressiva; no Evan Spiegel; no Native Americans; no democracy.
      Time to wake up and smell the coffee & get with the program, drsolly!
      I apologize that I was shamefully unable to keep this at under 140 characters.

  4. This is the main reason why I urge people *not* to connect third-party apps to any of their accounts, especially email, Facebook, Twitter etc.

    It's also a bad idea to use a federated login, i.e. prove you're Mr Cluley by logging into a third-party website using your social media credentials.

  5. Thanks for the laugh Gram! I would have loved to have been there to see the expression on your face when you found out. I bet it was priceless. (-: But seriously, didn't you read Yasin's article on your site back in November of 2016?
    https://www.grahamcluley.com/lock-twitter-care-rogue-party-apps-dont-hijack-account/
    You could have avoided this slightly embarrassing moment. But then, I wouldn't have the giggles right now.
