On March 10, 2025, Xitter experienced major service disruptions throughout the day. Users couldn’t access the platform on both mobile apps and the website. Here’s what happened and why it matters.
What Happened?
X suffered multiple waves of outages starting early Monday morning:
- First wave: Around 6:00 AM Eastern Time, affecting about 20,000 users
- Second wave: Around 10:00 AM ET, with over 40,000 users reporting problems
- Third wave: Between 11:00 AM and noon, affecting nearly 30,000 users
People trying to use Xitter saw loading symbols, error messages saying “Something went wrong. Try reloading,” or couldn’t access the service at all.
Who Was Behind It?
A pro-Palestinian hacking group called Dark Storm Team claimed responsibility for the attack. They posted on their Telegram channel: “Twitter has been taken offline by Dark Storm Team,” along with screenshots showing connection failures from different global locations.
Dark Storm Team has been active since around 2023 and is known for targeting organizations in Israel, Europe, and the United States. According to security experts, the group specializes in DDoS attacks and has a pro-Palestinian orientation.
What Did Elon Musk Say?
Elon Musk, Xitter’s owner, acknowledged the attack several hours after it began: “There was (still is) a massive cyberattack against Xitter. We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved.”
Later, in an interview with Fox Business, Musk made a controversial claim connecting the attack to Ukraine: “We’re not sure exactly what happened but there was a massive cyberattack to try and bring down the Xitter system with IP addresses originating in the Ukraine area.” He provided no evidence to support this claim.
What Was the Reaction?
Cybersecurity experts expressed significant skepticism about Musk’s Ukraine claim:
- They pointed out that attack origin IP addresses can be easily masked or manipulated
- Attackers routinely route activities through compromised systems in other countries
Ukrainian officials firmly denied any involvement. Oleksii Merezhko, chairman of Ukraine’s parliamentary Foreign Affairs Committee, stated that the Ukrainian government had “absolutely” no part in the alleged cyberattack on Xitter.
Ed Krassenstein, who claimed to have communicated with Dark Storm’s leader, contradicted Musk’s assertion. According to screenshots shared online, the group responded to the Ukraine claim by saying: “Elon Musk must provide evidence for his claim, and we will provide evidence for ours.” They allegedly threatened further attacks, warning “We can attack again. A stronger attack this time, not only on Xitter but Tesla and others.”
What Type of Attack Was It?
The incident was a distributed denial-of-service (DDoS) attack. These attacks work by:
– Overwhelming a platform’s servers with excessive traffic
– Causing slowdowns or complete outages by exhausting available resources
– Using compromised devices (forming a “botnet”) to send overwhelming amounts of data
Cybersecurity experts described this attack as “far beyond simple DoS attempts,” involving “full-scale DDoS assaults, combined with sophisticated botnet activity, credential stuffing, API abuse, and targeted application-layer attacks designed to cripple operations.”
How Did Xitter Respond?
Xitter implemented Cloudflare’s DDoS protection services to mitigate the impact. This defensive measure introduced captcha verification for suspicious IP addresses generating too many requests. By evening, the platform had largely recovered, though some users continued to experience intermittent issues.
I’m not surprised Cloudflare helps protect Nazis, but it’d be nice to live in a universe where they all crawled back under their rocks for good.
One Trackback/Pingback
[…] who was behind it? Bob Rudis fingers the […]