When a major platform like X (formerly known as Twitter) suddenly goes down, it's no surprise that people start wondering what happened. This time, the culprit was a DDoS attack that knocked the social network offline for hours.
The hacktivist group Dark Storm claimed responsibility for the DDoS attacks that disrupted X in various parts of the world on Monday, March 10, 2025. As a result, the company activated Cloudflare's DDoS protection to mitigate the impact.
Although Elon Musk, the owner of X, didn’t specifically confirm that a DDoS attack was behind the outages, he did acknowledge that the disruption was caused by a "massive cyberattack."
"There was (and still is) a massive cyberattack against X," Musk posted on the platform.
He added:
"We get attacked every day, but in this case, a lot of resources were used. Either a large, coordinated group or even a nation is involved. The tracking..."
Dark Storm, a pro-Palestinian hacktivist group active since 2023, has previously targeted organizations in Israel, Europe, and the United States.
On Monday, the group announced on their Telegram channel that they were launching DDoS attacks on X, sharing screenshots and links from the website check-host.net as proof of the attack.
For those unfamiliar, check-host.net is a tool that allows users to check a website’s availability from various global servers. It’s commonly used during DDoS attacks to demonstrate that a site is being blocked or disrupted.
X Implements Cloudflare Protection After the Attack
In response to the attack, X is now using Cloudflare's DDoS protection service. This system displays a captcha when suspicious IP addresses attempt to connect, especially when a single IP generates too many requests. Currently, the help.x.com section of the platform shows a Cloudflare captcha for all requests, as seen in the screenshot below.
Read More: What is a Firewall? Your First Line of Defense in Cybersecurity
Hacktivist groups have repeatedly proven their ability to disrupt major tech platforms using botnets and other sophisticated methods.
In 2024, U.S. authorities charged two Sudanese brothers for allegedly operating the hacktivist group Anonymous Sudan. This group successfully took down websites and APIs of major tech companies like Cloudflare, Microsoft, and OpenAI, impacting services for thousands of users worldwide.