Elon Musk mentioned his social media platform X was hit by a “huge cyber assault” on Monday – however who was behind it?
Musk mentioned IP addresses concerned in the attack have been traced to places “within the Ukraine space” however a hacking group known as Darkish Storm Crew claimed it was accountable, in now-deleted Telegram posts.
“Twitter has been taken offline by Darkish Storm Crew,” a put up learn on the group’s account, with a screenshot exhibiting connection issues in a protracted checklist of nations.
Right here, Sky Information seems to be at what we all know concerning the hackers claiming duty for the assault.
Elon Musk claimed IP addresses in Ukraine have been linked to the cyber assault on X. Pic: Reuters
Who’s Darkish Storm Crew?
The hacking group was based in 2023 and has orchestrated cyber assaults in opposition to governments and organisations identified to assist Israel, in line with cyber safety agency Test Level.
“They have a tendency to go after these high-profile assaults,” mentioned Muhammad Yahya Patel, a lead safety engineer at Test Level.
“Their principal mantra is to trigger disruption of providers, largely associated to authorities and NATO connections.”
The group has beforehand focused Israeli hospitals, US airports, authorities web sites and different essential infrastructure providers, in line with cyber safety web site SecurityScorecard.
It added that Darkish Storm Crew doesn’t are likely to demand ransoms after assaults and the group is vocal about its political motivations.
“We are going to assault any nation […] that helps the occupying entity,” the group posted on Telegram final yr, in screenshots shared by SecurityScorecard.
Nonetheless, Darkish Storm Crew isn’t fully motivated by political views – it additionally advertises itself as hackers-for-hire.
Ukraine, Musk, and an evicted Democrat
‘We have now no relationship with Ukraine’
Whereas Musk linked the cyber assault to IP addresses “within the Ukraine space”, that is disputed.
A put up from an X account claiming to be linked to Darkish Storm Crew learn: “In response to what Elon Musk mentioned concerning the cyber assault on the X platform, its supply is Ukraine.
“It’s an accusation with none proof, and we’ve no relationship with Ukraine.”
Cybersecurity consultants additionally questioned the declare, saying it might be uncommon for an assault like this to come back out of 1 location.
Learn extra:
Musk calls US senator ‘a traitor’ for visiting Ukraine
What’s gone wrong at Musk’s Tesla?
“The IP addresses are [usually] distributed globally from completely different places,” mentioned Mr Patel.
After checking with Test Level’s staff of cyber analysts, he added: “It seems to be like a basic DDoS assault coming from completely different places, completely different IP addresses.”
A DDoS, or denial-of-service, assault is when hackers flood a system with assaults from all angles, concentrating on internet servers, inside networks, or the rest they’ll entry. The thought is to disrupt providers sufficient that they turn out to be unavailable.
After scouring the darkish internet, Mr Patel’s staff additionally discovered nobody else claiming duty for the assault on X, solely Darkish Storm Crew.
Musk, the web and Ukraine
Musk triggered alarm on Sunday when he claimed Ukraine’s “total entrance line would collapse if I turned it [Starlink] off”.
He made the remarks throughout a row with Poland’s international minister over the usage of Musk’s satellite tv for pc web system.
Final yr, Ukraine mentioned round 42,000 of the web terminals have been in operation throughout its army, hospitals, companies and assist organisations.
Musk later mentioned he would “by no means flip off [Starlink’s] terminals”.
US negotiators urgent Kyiv for entry to Ukraine’s essential minerals have raised the potential of slicing Ukraine’s entry to the service, sources informed Reuters in February.
