Elon Musk stated his social media platform X was hit by a “massive cyber attack” on Monday – however who was behind it?
Musk stated IP addresses concerned within the assault had been traced to areas “in the Ukraine area” however a hacking group known as Darkish Storm Crew claimed it was accountable, in now-deleted Telegram posts.
“Twitter has been taken offline by Dark Storm Team,” a submit learn on the group’s account, with a screenshot displaying connection issues in a protracted listing of nations.
Picture:
Elon Musk claimed IP addresses in Ukraine had been linked to the cyber assault on X. Pic: Reuters
Who’s Darkish Storm Crew?
The hacking group was based in 2023 and has orchestrated cyber assaults in opposition to governments and organisations recognized to help Israel, in accordance with cyber safety agency Test Level.
“They tend to go after those high-profile attacks,” stated Muhammad Yahya Patel, a lead safety engineer at Test Level.
“Their main mantra is to cause disruption of services, largely related to government and NATO connections.”
The group has beforehand focused Israeli hospitals, US airports, authorities web sites and different vital infrastructure providers, in accordance with cyber safety website Safety Scorecard.
It added that Darkish Storm Crew doesn’t are inclined to demand ransoms after assaults and the group is vocal about its political motivations.
“We will attack any country […] that supports the occupying entity,” the group posted on Telegram final 12 months, in screenshots shared by Safety Scorecard.
Nevertheless, Darkish Storm Crew shouldn’t be fully motivated by political opinions – it additionally advertises itself as hackers-for-hire.
Please use Chrome browser for a extra accessible video participant
0:56
Ukraine, Musk, and an evicted Democrat
‘We’ve no relationship with Ukraine’
Whereas Musk linked the cyber assault to IP addresses “in the Ukraine area”, that is disputed.
A submit from an X account claiming to be linked to Darkish Storm Crew learn: “According to what Elon Musk said about the cyber attack on the X platform, its source is Ukraine.
“It’s an accusation with none proof, and now we have no relationship with Ukraine.”
Cybersecurity experts also questioned the claim, saying it would be unusual for an attack like this to come out of one location.
“The IP addresses are [usually] distributed globally from completely different areas,” said Mr Patel.
After checking with Check Point’s team of cyber analysts, he added: “It seems like a basic DDoS assault coming from completely different areas, completely different IP addresses.”
A DDoS, or denial-of-service, attack is when hackers flood a system with attacks from all angles, targeting web servers, internal networks, or anything else they can access. The idea is to disrupt services enough that they become unavailable.
After scouring the dark web, Mr Patel’s team also found no one else claiming responsibility for the attack on X, only Dark Storm Team.
Musk, the internet and Ukraine
Musk caused alarm on Sunday when he claimed Ukraine’s “whole entrance line would collapse if I turned it [Starlink] off”.
He made the remarks throughout a row with Poland’s international minister over the usage of Musk’s satellite tv for pc web system.
Final 12 months, Ukraine stated round 42,000 of the web terminals had been in operation throughout its army, hospitals, companies and support organisations.
Musk later stated he would “never turn off [Starlink’s] terminals”.
US negotiators urgent Kyiv for entry to Ukraine’s vital minerals have raised the potential of reducing Ukraine’s entry to the service, sources advised Reuters in February.
