The Turkish-Dutch political conflict has spewed into cyberspace during the past few days as Turkish hackers have defaced hundreds of websites and Twitter accounts with political messages and pictures of Turkish President Recep Tayyip Erdogan.

The cyber-attacks come as communications between Turkish and Dutch authorities have ceased altogether, after the Netherlands first denied entry into the country to a Turkish minister, and then expelled him a few days later.

On the other hand, Turkish authorities called members of the Dutch government “nazis” and attempted to blame the Srebrenica massacre on Dutch troops (which cannot be proven based on historical facts).

Turkish hackers deface Dutch sites

Following this high-level spat between high-ranking officials of the two countries, cyber-attacks started immediately on Monday. First, Turkish-speaking hackers defaced several Dutch websites, with messages like the ones below.

Defacement message

Defacement message

The messages left on the defaced websites had an anti-European tone, accusing the Netherlands of denying human rights and freedoms. A mirror of one of the defaced websites can be viewed here.

Hey Europe!
You often talk about democracy, human rights and freedom. But your fear of “Great Turkey” shows your colonist, racist, fascist Crusade mentality, which is your real face!
We are OTTOMANS, we are TURKEY, we are AKINCILAR

You dutchs think that we won’t do anything but you are wrong. We will never forget what you did against us. We may die one time but We born thousands time.

Ironically, despite these accusations, during the past year, Turkish officials jailed most of their political opposition and shut down hundreds of newspapers that were criticizing the country's President.

A yet unconfirmed estimation puts the number of defaced websites at around 1,500. According to NLTimes, most of the defaced websites belonged to Dutch hosting provider Versio. Other websites also suffered DDoS attacks.

In late 2016, a report from Forcepoint revealed a secret cyber-society of Turkish hackers who engaged in a game that involved carrying out DDoS attacks against political targets.

Turkish hackers deface high-profile Twitter accounts

On Tuesday, the attacks carried by Turkish hackers continued, but this time on Twitter.

Turkish hackers posted tweets on the behalf of hundreds of Twitter accounts, with the hashtags #Nazihollanda (#NaziHolland) and #Nazialmanya (#NaziGermany), and pointing to a YouTube video of one of President Erdogan’s political speeches.

Several high-profile accounts fell victims, such as Forbes, UNICEF USA, BBC North America, Reuters Japan, Starbucks Argentina, Amnesty International, Nike Spain, Duke University, German site Die Welt, members of the EU Parliament, and other politicians and business people.

Sample of tweets posted by Turkish hackers
Sample of tweets posted by Turkish hackers (via Rob Lopez)

A Twitter user claimed hackers used a security flaw in a third-party app called Twitter Counter to take over the hacked accounts. In a statement to Bloomberg, a Twitter spokesperson confirmed the user's findings.

Twitter Counter admitted the incident today, on Wednesday. Twitter Counter was also hacked in November 2016, when hackers used a vulnerability to deface Twitter accounts belonging to Playstation, Viacom, Xbox, The New Yorker, The Next Web, actor Charlie Sheen, soccer star Lionel Messi, astronaut Leland Melvin and Minnesota Governor Mark Dayton.

In August and September 2016, Turkish hackers engaged in a similar one-sided cyber-war against Austrian authorities. Hacker said they attacked Austrian sites because Austrian officials denied an emergency visa to Turkish passengers of a British Airlines flight. Because of this, passengers were forced to spend the night inside the airport, instead of a nearby hotel. Austrian authorities eventually tracked down the hacker behind some of the attacks, albeit they haven't been able to arrest him.