Yesterday, X Corp., formerly Twitter, was targeted in a devastating distributed denial-of-service (DDoS) attack that crippled its services for hours. The company, which is now under the leadership of Elon Musk, confirmed the attack and attributed it to a pro-Palestinian hacking group known as Dark Storm Team.
The attack began early this morning EDT, with users reporting issues with both the X app and website. Reports then varied throughout the day, with outage reports dipping and returning as the DDoS attack targeted X in waves. As of 7 p.m. EDT, X was mostly back online, with a declining number of reports on Downdetector from users.
Elon Musk, formally X’s chief technology officer and executive chairman, confirmed the attack, stating that those behind the attack involved either a large, coordinated group or a country in involvement. He later suggested that the cyberattack originated from IP addresses in the “Ukraine area,” though he did not provide specific evidence to support the claim.
The Dark Storm Team, a pro-Palestinian hacking group reportedly established in 2023, claimed responsibility for the attack. The group has a history of launching attacks that can disrupt websites by sending massive traffic their way. Previously known targets of Dark Storm Team include organizations in Israel, Europe, and the U.S., reflecting the group’s pro-Palestinian stance.
In February 2024, they issued threats against North Atlantic Treaty Organization countries, Israel, and their allies, vowing to launch cyberattacks on government websites and critical infrastructure. In response to the attack, X implemented Cloudflare Inc.’s DDoS protection services to mitigate the impact.
The measure introduced captchas for certain users to verify human access, aiming to stabilize the platform amidst ongoing threats. As of now, X continues to monitor and address the situation to restore full functionality. Users may still experience intermittent issues as the platform works to stabilize its services.
Chad Cragle, chief information security officer at managed security platform provider Deepwatch Inc., told SiliconANGLE via email that “this far beyond simple DoS attempts” and that “these are full-scale DDoS assaults, combined with sophisticated botnet activity, credential stuffing, API abuse and targeted application-layer attacks designed to cripple operations.”
"While technical issues can occur, X’s engineers understand scalability and redundancy,” he added. “This isn’t incompetence; it’s cyberwar hitting at full force. With Musk in the spotlight and political tensions at a peak, these attacks bear all the indicators of nation-state aggression. They’re throwing everything but the kitchen sink at X and others pushing for maximum disruption, downtime, and, if possible, data exposure."
This attack highlights the growing threat of DDoS attacks and the need for companies to be prepared for such incidents. The use of advanced technologies like Cloudflare’s DDoS protection services is crucial in mitigating the impact of such attacks. As X continues to work on restoring its services, it is essential for users to remain vigilant and report any ongoing issues.
The incident also raises questions about the role of nation-state aggression in cyberattacks. With tensions between countries escalating, it is likely that we will see more frequent and sophisticated DDoS attacks in the future. As a result, companies must be prepared to adapt to these new threats and implement robust security measures to protect their services.
This article was written by Duncan Riley, cybersecurity journalist for SiliconANGLE. Your vote of support is important to us and it helps us keep the content FREE. One click below supports our mission to provide free, deep, and relevant content. Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.