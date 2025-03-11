During a Fox News interview earlier this week, multi-hypenate billionaire and X-formerly-Twitter owner Elon Musk blamed a "massive cyberattack" that repeatedly took down the site yesterday as coming from Ukraine.

But, as Wired reports, his evidence is flimsy at best. Musk claimed that "IP addresses" behind the attack originated in the embattled European nation. But as experts told the publication, that's far from actual proof.

"What we can conclude from the IP data is the geographic distribution of traffic sources, which may provide insights into botnet composition or infrastructure used," connectivity firm Zayo chief security officer Shawn Edwards told Wired. "What we can’t conclude with certainty is the actual perpetrator’s identity or intent."

One researcher claimed in an interview with Wired that Ukraine wasn't even in the top 20 IP addresses involved in the attack.

Since then, a pro-Palestine hacking group called Dark Storm Team claimed responsibility for the attacks in now-deleted Telegram posts.

And considering some glaring technical oversights, the hackers seem to have had a surprisingly easy time taking down the social media platform. Security researchers told Wired that several X origin servers, which are designated to respond to web requests, weren't secured by the company's Cloudflare protection.

Cloudflare offers services allowing websites to automatically detect and mitigate distributed denial-of-service (DDoS) attacks, like the most recent cyberattack targeting X.

"The botnet was directly attacking the IP and a bunch more on that X subnet yesterday," independent security researcher Kevin Beaumont told Wired. "It's a botnet of cameras and DVRs."

Put simply, X was ill-prepared, despite DDoS attacks being an extremely common threat to virtually all services on the internet. The company's loose protections may have even allowed the incident to be far worse than it would've been otherwise.

It'd be far from the first time X has been thrown into chaos due to questionable decision-making and a bevy of bugs.

Whether state actors were indeed behind the attack, as Musk strongly suggests, remains dubious at best. Experts suggest it's unlikely, considering the crudeness of the attack.

"There are kind of two types of cyber attacks — there are ones that are designed to be very loud and there are ones that are designed to be very quiet," cyber operations Nicholas Reese told the Associated Press. "And the ones that are usually the most valuable are the ones that are very quiet."

"Something like this was designed to be discovered," he added. "So to me that almost certainly eliminates state actors. And the value that they would have gained from it is pretty low."

Musk has certainly made plenty of enemies with his embracing of extreme-right ideologies and plundering of the US government. The dealerships of his car company Tesla have been targeted with protests and vandalism across the country, indicating a massive flare-up in anti-Musk sentiment.

In other words, a DDoS attack against Musk's social media mouthpiece isn't exactly surprising, regardless of who was behind it.

