​On March 10, 2025, X, the social media platform owned by Elon Musk, experienced significant service disruptions attributed to a massive cyberattack. Users across the United States, Canada, the United Kingdom, and other countries reported issues such as slow loading times and error messages.

Details of the Attack

Elon Musk announced that X was targeted in a "massive cyberattack" involving substantial resources, potentially implicating a large coordinated group or a nation. He noted that the attack appeared to originate from IP addresses in the Ukraine area.

Cybersecurity experts have identified the disruptions as distributed denial-of-service (DDoS) attacks executed by a botnet. The true origin of the attackers couldn't be accurately determined solely based on IP addresses, as attackers often use compromised devices and proxy networks.

Attribution and Impact

Initially, a pro-Palestinian group called "Dark Storm Team" claimed responsibility for the attack. However, Elon Musk later suggested that the attacks originated from Ukrainian IP addresses. The exact origins remain unclear.

The attack led to significant traffic loss and hindered users' access to X's services. The vulnerability was attributed to some origin servers that were not secured properly behind Cloudflare's DDoS protection. X has since secured these servers.

Recommendations for Users

In light of this incident, users are advised to:

1. Stay Informed: Follow official X channels for updates on the platform's status.​

2. Be Cautious: Be vigilant against potential phishing attempts that may exploit the situation.​

3. Secure Accounts: Ensure that account passwords are strong and consider enabling two-factor authentication.​

As investigations continue, it is imperative for organizations to strengthen their cybersecurity measures to prevent such incidents. Users should remain alert for further updates and guidance from X regarding this situation.​

Disclaimer: ClearPhish maintains a strict policy of not participating in the theft, distribution, or handling of stolen data or files. The platform does not engage in exfiltration, downloading, hosting, or reposting any illegally obtained information. Any responsibility or legal inquiries regarding the data should be directed solely at the responsible cybercriminals or attackers, as ClearPhish is not involved in these activities. We encourage parties affected by any breach to seek resolution through legal channels directly with the attackers responsible for such incidents.