Musk Accuses Ukrainian IP Addresses of Being Linked to Cyber Assault on X
Monday Morning Outage: Twitter Hit by Significant Cyberattack
On March 10, 2025, Twitter, formerly known as X, faced a substantial cyberattack that resulted in significant outages. Over 40,000 reports of an outage were received on that Monday morning.
The nature of the attack suggests a less sophisticated, but still significant, cyber threat. According to cybersecurity expert Kevin Beaumont, the attack was carried out using a Mirai botnet, a notorious type of botnet known for utilising compromised devices. The botnet in question was a Mirai variant, made up of compromised cameras.
The cyberattack targeted the Twitter system specifically and was carried out with a substantial amount of resources. However, Beaumont's assessment indicates that the attack may have been the work of individuals, not a nation-state or organised group.
Elon Musk, the CEO of Twitter, claimed that the IP addresses involved in the attack were linked to Ukraine. However, cybersecurity experts have debunked these claims, suggesting that the attack was more likely conducted through a compromised employee account rather than a state-sponsored hack. They proposed the alternative method of an insider or phishing attack as a more plausible explanation.
Beaumont, however, is unsure of who is behind the attack, but he "smells of APTs - advanced persistent teenagers." The Dark Storm Team claimed responsibility for the DDoS attack on Twitter, but their statement of responsibility on Telegram was later deleted.
The IP addresses involved in the attack were worldwide, not just from Ukraine, according to Beaumont. Elon Musk indicated that they face attacks every day, but this one was exceptional. It's important to note that the outages were due to the cyberattack, not limited to IP addresses from a specific country.
In conclusion, the cyberattack on Twitter on March 10, 2025, was a significant event that highlighted the ongoing threat of cyberattacks. While the identity of the attackers remains unclear, the incident serves as a reminder for companies to strengthen their cybersecurity measures and be prepared for such attacks.
