On March 10, 2025, the social media platform X, formerly known as Twitter, was thrown offline by what owner Elon Musk described as a "massive cyberattack". This disruption became evident as users began reporting issues accessing the platform around 5:30 AM ET, leading to significant downtime throughout the morning.
Musk confirmed via his own posts on X, stating, "There was (still is) a massive cyberattack against 𝕏. We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved. Tracing ..." Musk went on to assert the attack's IP addresses appeared to originate from Ukraine, compounding the controversy surrounding the event.
The attacks manifested as intermittent outages, with some periods of service being restored only to be followed by renewed disruptions. This led to frustrating experiences for many users, as service would last for approximately three-quarters of an hour before going offline again. Some reported outages were significant enough to cause the platform to become completely unresponsive for several hours.
Adding complexity to the situation, reports emerged indicating the DarkStorm Team—a pro-Palestinian, pro-Russian hacking group—claimed responsibility for the attack, raising questions about the origins of the cyberattack. They have been active since 2023, targeting entities including NATO countries and businesses they perceive as supportive of Israel. This group is known for employing Distributed Denial of Service (DDoS) methods to overwhelm websites with traffic, causing service interruptions.
Casey Ellis, founder of cybersecurity company Bugcrowd, weighed in on the legitimacy of the incident, remarking, "It’s difficult to say with incomplete information, and in the early stages of things, but between the sustained nature of the outage and Dark Storm Team taking credit for it on Telegram, this does appear to be a legitimate cyberattack on X."
The timeline of events noted additional spikes of user complaints around 9:30 AM and 11 AM ET, following the initial outage reported at 5:30 AM. The service disruptions led to not only conversations about the cyberattack itself but also about Musk’s claims linking Ukraine to the attack. Cybersecurity experts have questioned the credibility of this assessment, as spoofing IP addresses to mislead investigators is common among cybercriminals.
Adding to the turmoil, some experts suggested Musk's political affiliations could have influenced his statements about the attack's origins. Given Musk's public support for Israel and his contentious views on other geopolitical matters, skepticism about the motivation and accuracy behind his claims circulated widely.
On March 11, just 24 hours after X's significant downtime, users faced yet another wave of issues, prompting them to take to the platform for humorous commentary and memes about the platform's instability. Common sentiments included sarcastic remarks about the platform's reliability, with phrases like "FIX IT WHOEVER DOES THE FIXING" ringing out among the chaos.
This second day of disturbances struck many as another opportunity for engagement, with users humorously lamenting the platform's unreliability. The trend of lighthearted commentary appears to be the only means of coping with the increasingly serious issues surrounding the platform.
Looking at the broader picture, the situation surrounding X is indicative of the fragile nature of digital communications and how quickly they can be disrupted amid rising tensions globally. The interactions of social media with geopolitical dynamics continues to show how volatile such platforms can be.
This developing story has raised numerous questions about the intersection of technology, politics, and security, and as investigations continue, Musk has indicated his security teams are actively tracing the attack's origins. The complexity involved ensures this is far from over.
Until concrete determinations are made about the true nature and origins of the cyberattack, users will have to navigate the disruptions and speculate on the reassuring claims made on behalf of the platform's security.
With the potential for future attacks hanging over the platform's operations and its owner’s political reputation, the ramifications of this incident may extend well beyond the temporary service outages experienced by its users.