What actually happened with the DDOS attacks that dropped x

The social network X suffered from intermittent interruption on Monday, the owner of the situation, Elon Musk, attributed to a “huge electronic attack”. Musk said in the first X publication that the attack was committed by “either a large and coordinated group and/or country.” In a post on Telegram, a supportive group of a Palestinian known as “Dark Storm Team” got the credit in the attacks within a few hours. Later on Monday, though, Musk claimed in an interview on the Fox Business Network that the attacks came from the Ukrainian IP addresses.

On Monday, traffic analysis experts who followed the accident on Monday emphasized that the type of attacks that X may face – rejecting the service, DDOS, attacks – launched by a coordinated army of computers, or “robots”, or calm a target with unwanted traffic in an attempt to give up its two systems. BOTNETS is usually separated around the world, generating traffic with various geographic IP addresses, and can also include mechanisms that make it difficult to determine where to be controlled.

“It is important to realize that the IP assignment alone is not conclusive.” Sean Edwards, chief security official at the Zayo network, says that the attackers frequently use available devices, VPNS or agent networks to cancel their real origin.

X did not return WIRED requests to comment on the attacks.

Several Wire researchers tell that they have noticed five distinct attacks of varying length against X’s infrastructure, the first beginning in the early morning with a final explosion on Monday afternoon.

“During the turmoil, a thousand network conditions have been observed by the DDOS attack, including the large traffic loss conditions that were preventing users from accessing the application.”

DDOS attacks are common, and almost all modern internet services are tested and they should defend themselves proactive. MUSK himself said on Monday, “We are attacked every day.” Why, then, have DDOS attacks caused an interruption of x? Musk said that the reason for this is “this has been done with a lot of resources,” but independent security researcher Kevin Bouont and other analysts see evidence that some of the x -ancient servers, which respond to web requests, have not been properly secured behind the company’s company’s CLOUDLARE DDOS protection Public visual. As a result, the attackers can target them directly. X has since secured servers.

“The robots were attacking directly IP Another group on this sub -network X yesterday, it is a robot of cameras and DVRS, ”says Pomont.

A few hours after the conclusion of the final attack, Musk told the Fox Business host Larry Kudlo in an interview: “We are not sure of what exactly happened, but there was a huge electronic attack to try to drop the X system with the IP addresses that originated in the Ukraine region.”

Musk has Mockery Ukraine and its president, Folodimir Zellinski, repeatedly since Russia invaded its neighbor in February 2022. There is a major donor to the campaign Donald Trump, Musk is now headed by the so -called government efficiency, or Doug, which destroyed the US federal government and forces working in Trump. Meanwhile, the Trump administration has recently prompted the high relations with Russia and the United States has moved away from its long support from Ukraine. Musk has already participated in this political geography in the context of a different company owned by, Spacex, which runs the Satelink Internet service on which many Ukrainians depend.

DDOS traffic analysis can destroy unwanted traffic castle in various ways, including inserting countries with the largest IP addresses participating in the attack. But one of the researchers from a prominent company, asked not to be identified because they were not authorized to talk about X, indicated that they had not even seen Ukraine in the collapse of the origins of the top twentieth IP address participating in the X.

If the Ukrainian IP addresses contribute to the attacks, although many researchers say that the truth alone is not worthy of observation.

“What we can deduce from IP data is the geographical distribution of traffic sources, which may provide an insight into the formation of robots or infrastructure used,” says Edwards of Zayo. “What we cannot conclude with certainty is the identity or intention of the perpetrator of the actual crime.”