On 16 January 2018, at least two Twitter users followed by U.S. President Donald Trump were hacked and reappropriated to tweet messages supporting Turkey and its president, Reccep Tayyip Erdogan:
News anchor Greta Van Susteren and pundit Eric Bolling each lost their verified blue checkmarks (which happens automatically when a verified user changes names) and had the following message displayed on their accounts:
Türk siber ordusu Ayyıldız Tim tarafından hacklendiniz! DM yazışmalarınızı aldık! Size Türkün gücünü göstereceğiz! ( You are hacked by the Turkish cyber army Ayyıldız Tim! We got your DM correspondence! We will show you the power of the Turk!)
The hackers also tweeted images of the contents of their Twitter inboxes:
On 14 January 2018, the account of India's top envoy to the United Nations was briefly taken over in similar fashion and with similar messaging:
One of the tweets from the account was a link to a YouTube video of Ayyildiz Tim. The hackers also tweeted a photo of Pakistani president Mamnoon Hussain sitting next to a table that has a photograph of Muhammad Ali Jinnah.
The Turkish nationalist hackers have earlier launched attacks on several websites and social media accounts. Some of their targets have been inexplicable — the website of a school in a village in southern England, the UN country team in Ethiopia and Kenya’s transport ministry.
The account of the World Economic Forum's president was also broken into:
Børge Brende, the former minister of foreign affairs for Norway, has been targeted by people claiming to represent the Turkish cyber army Ayyıldız Tim.
In two tweets, the group published a video and a message saying the group now has access to his direct messages, private messages sent between Twitter users.
Writing in Turkish and English, the group said: “You are hacked by the Turkish cyber army Ayyıldız Tim! We got your DM correspondence! We will show you the power of the Turk!”
Most of the accounts were quickly restored. There was no immediate word on whether the hackers simply wanted to flex their muscles by sending a general message or were after something more (such as changes in Trump's foreign policy), or whom they planned to target next.
Twitter users who are concerned they may have been, or will be, targeted should take common sense precautions: Use a strong password, encrypt your messages, and don't discuss anything on social media that you would prefer stay private.