Services at X Corp., formerly Twitter, were heavily disrupted today after the company was targeted in a distributed denial-of-service attack for which a pro-Palestinian hacking group has taken credit.

Issues at X first appeared early this morning EDT, as users reported issues with both the X app and the website. Reports then varied throughout the day, with outage reports dipping and then returning as the DDoS attack targeted X in waves. As of 7 p.m. EDT, X was mostly back online, with a declining number of reports on Downdetector from users.

Elon Musk, formally X’s chief technology officer and executive chairman, confirmed the attack, saying on X that those behind the attack involved “either a large, coordinated group and/or a country is involved.” He later suggested that the cyberattack originated from IP addresses in the “Ukraine area,” though he did not provide specific evidence to support the claim.

As the day progressed, a pro-Palestinian hacking group known as Dark Storm Team claimed responsibility for the attack. Reportedly established in 2023, according to Malwarebytes Labs, the group has a history of launching attacks that can disrupt websites by sending massive traffic their way.

​Previously known targets of Dark Storm Team include organizations in Israel, Europe and the U.S., reflecting the group’s pro-Palestinian stance. In February 2024, they issued threats against North Atlantic Treaty Organization countries, Israel and their allies, vowing to launch cyberattacks on government websites and critical infrastructure.

In response to the attack, X implemented Cloudflare Inc.’s DDoS protection services to mitigate the impact. The measure introduced captchas for certain users to verify human access, aiming to stabilize the platform amidst ongoing threats.

As of now, X continues to monitor and address the situation to restore full functionality. Users may still experience intermittent issues as the platform works to stabilize its services.

Chad Cragle, chief information security officer at managed security platform provider Deepwatch Inc., told SiliconANGLE via email that “this far beyond simple DoS attempts” and that “these are full-scale DDoS assaults, combined with sophisticated botnet activity, credential stuffing, API abuse and targeted application-layer attacks designed to cripple operations.”

“While technical issues can occur, X’s engineers understand scalability and redundancy,” he added. “This isn’t incompetence; it’s cyberwar hitting at full force. With Musk in the spotlight and political tensions at a peak, these attacks bear all the indicators of nation-state aggression. They’re throwing everything but the kitchen sink at X and others pushing for maximum disruption, downtime and, if possible, data exposure.”

Image: SiliconANGLE/Ideogram