A massive cyberattack disrupted X, formerly known as Twitter, on March 10, 2025, affecting tens of thousands of users worldwide. The hacking group “Dark Storm” claimed responsibility for the distributed denial-of-service attack, while Elon Musk, owner of X, suggested the assault originated from IP addresses traced to Ukraine.
The outage began early Monday morning, with users reporting difficulties accessing the platform, posting content, and sending messages. According to Downdetector, a website that tracks online service disruptions, the number of affected users peaked at over 40,000 by 10 a.m. Eastern Time. Major cities, including New York, Los Angeles, London, and Birmingham, experienced significant disruptions.
Elon Musk addressed the situation during an interview with Fox Business’s Larry Kudlow, stating, “We’re not sure exactly what happened, but there was a massive cyberattack to try and bring down the X system with IP addresses originating in the Ukraine area.” He emphasized the scale of the attack, noting that it required substantial resources, potentially implicating a large, coordinated group or even a nation-state.
However, cybersecurity experts caution against drawing immediate conclusions based solely on IP addresses, as attackers can mask their true locations. The pro-Palestinian hacker group “Dark Storm” claimed responsibility for the attack via a post on their Telegram channel, stating they “took Twitter offline.” Screenshots shared by cybersecurity group SpyoSecure showed failed connection attempts from various global locations, supporting Dark Storm’s claims. The group’s Telegram channel was subsequently deleted for violating the platform’s terms of service.
Dark Storm, active since 2023, is known for targeting NATO member states and nations supporting Israel. The group has been linked to Russia and has previously conducted DDoS attacks against various entities. Their agenda appears to align with Russian geopolitical interests, according to cybersecurity researchers.
This incident is not the first time X has faced significant outages. In August 2024, the platform experienced a major disruption, with approximately 66% of users reporting issues related to the app, website, and server connections. The frequency and scale of these attacks have raised concerns about the platform’s vulnerability to cyber threats.
Elon Musk’s recent involvement in geopolitical matters adds another layer of complexity to the situation. He has been vocal about the role of his company Starlink in aiding the Ukrainian military and has advocated for immediate peace negotiations to end prolonged conflicts. These positions may have made him and his associated enterprises targets for politically motivated cyberattacks.
The March 10 attack underscores the evolving nature of cyber threats, where non-state actors with political agendas can leverage sophisticated techniques to disrupt major platforms. The incident also highlights the challenges in attributing cyberattacks, as perpetrators can obfuscate their origins, leading to potential misdirection in identifying the responsible parties.
