Reason to stay off Twitter #88: Nazi Spambots from Turkey

[Old_Man_Steve2016]

Sorry for the Nazi spam from my Twitter account

As I stepped off my plane to Dubai from Kuwait City this morning I did the same thing as just about everyone else.

I turned on my phone.

And what greeted me was a message from a British newspaper journalist asking me to comment on my Twitter account being hacked.

Uhh.. what?

The guy had 2-factor authentication, did not click on dodgy links, but still wound up in the middle of hitler spam from Turkey.

So, what happened?

The message had been sent from my account (and many others) via a third-party app called Twitter Counter.

Twitter Counter requests read *and* write access to your Twitter account, in order to do its jiggery pokery counting your Twitter followers. I gave Twitter Counter access to my account in October 2014, and that clearly was a decision I now regret. Quite why it would need write access, unless it is planning its own self-promotion, I can't say.

The fact that a third-party app was used means that the hackers didn't have my Twitter password. Phew! It also meant, however, that they didn't have to try to bypass Twitter's Login Verification feature in order to tweet from mine and thousands of other Twitter users' accounts.

What should you do if you had your Twitter account hijacked in this way?

Delete the offending tweet, and revoke the offending third-party app's access to your Twitter account.

Those ruinous third-party apps!!! Now I'm VERY suspicious about my FB account. What if Farmville has been sending Burmese propaganda this whole time!!!