Photo: Ascannio / Shutterstock.com
US officials, security researchers, and even Musk himself haven’t been able to trace a series of DDoS attacks on microblogging site X. The attacks didn’t bring the service down entirely but left thousands of users pestered with intermittent outages and errors.
Owner Elon Musk Fox Business said the attacks were traced to “IP addresses originating in the Ukraine area.” However, security researchers have quickly pointed out that this doesn’t necessarily mean the attacks originated there.
Threat actors can carry out DDoS attacks from specific regions or countries to evade detection. This is rare but possible. Given that external researchers haven’t been able to determine the origin IPs responsible for the attack, it seems likely that the attackers might have employed this technique.
DDoS attacks generally disrupt a service or bring it down temporarily but don’t involve data stealing or malware infections. Regardless, researchers have no idea what or where the malicious traffic attacking X’s servers came from.
A report published by Check Point Research claims that Dark Storm Team, a threat group specialising in DDoS attacks, claimed responsibility for the attack. The group also backed up its claim by posting screenshots of the attack on Telegram, alongwith a Check-Host report.
Dark Storm Team usually targets organisations in the US, Ukraine, the UAE, and Israel. The group also often uses botnets, which can sometimes consist of hundreds of thousands of infected devices around the world, making it difficult to pinpoint the exact IP or device of origin.
Musk doesn’t seem to be too worried about the attack, though, because his shift to right-wing politics does not sit well with Tesla buyers and his contributions towards the Department of Government Efficiency (DOGE). He’s also targeted in protests and vandalism incidents in the US over the push for mass federal government layoffs and budget cuts.
In the News: DPRK’s KoSpy spyware targets SK, India, Russia, and Middle East
