High-Profile Twitter Accounts Hit by Turkish Propaganda Campaign

Written by

A Twitter campaign purportedly carried out by Turkish hacker group ‘Ayyildiz Tim’ has targeted the accounts of several high-profile individuals to spread political propaganda, according to McAfee.

In a blog post on the firm’s website Christiaan Beek, lead scientist & principal engineer, and Raj Samani, chief scientist and McAfee fellow, explained that upon investigating the recent events McAfee Advanced Threat Research discovered the Twitter account of the Indian ambassador to the United Nations was taken over on January 13 and used to spread pro-Pakistan and pro-Turkey postings.

“What seemed to be a single event soon became a targeted campaign that we discovered in cooperation with our partner SocialSafeGuard,” the pair wrote, with the accounts of Borge Brende, president of the World Economic Forum, Eric Bolling and Greta Van Susteren, both of Fox News, also targeted.

“Once the accounts were compromised, the attackers direct-messaged the account contacts with propaganda for their cause or with a link to convince them to click on a phishing site that would harvest the Twitter credentials of the victim.”

When looking at the source code of the malicious pages, McAfee found several Turkish-language segments, with ‘Ayyildiz Tim’ claiming responsibility for the attacks.

“There is also evidence that private messaging history has been accessed from certain compromised accounts of prominent figures, along with other sensitive or confidential information such as private phone numbers and emails,” McAfee added.

“These tactics demonstrate the use of authority and social validation as subconscious levers to invoke victim interaction,” Samani told Infosecurity. “Whilst these methods are typical for email, Twitter is a relatively new channel for such activities.

“Twitter users – or anyone using social media – should always be wary of the potential for criminals to take control of their account. This news proves the importance of double checking that the appropriate security controls are in place. Using Twitter’s log in verification is an essential extra layer of security that could well prevent many successful attacks.”

What’s hot on Infosecurity Magazine?