Elon Musk Attributes X Platform Disruptions to Major Cyberattack - 1

Photo by Kelly Sikkema on Unsplash

Elon Musk Attributes X Platform Disruptions to Major Cyberattack

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

The social media platform X experienced multiple outages on Monday. Its owner, Elon Musk, publicly announced that it had been happening due to a powerful cyberattack.

In a Rush? Here are the Quick Facts!

  • Elon Musk reported that X experienced a “massive cyberattack” on Monday, leading to widespread outages.
  • Users reported difficulties accessing X, with outage reports peaking at over 40,000 around 10:00 a.m. ET.
  • Cybersecurity experts expressed skepticism about the scale and origin of the attack, noting that such disruptions can be caused by small groups or individuals.

According to CNBC , around 40,000 users reported experiencing issues with the platform around 10:00 am ET yesterday, as registered by the real-time outage monitoring website Downdetector. Nearly 28,000 spotted glitches at 11:30 a.m. ET, and about 22,000 also faced difficulties accessing the platform at 2:00 p.m. ET.

“There was (still is) a massive cyberattack against 𝕏,” wrote Musk on his X account. “We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved.”

The platform issue happened on the same day Musk’s Department of Government Efficiency (DOGE) rolled out GSAi , a proprietary chatbot to automate tasks at the General Services Administration (GSA), amid massive job cuts.

According to Reuters , cybersecurity specialists were skeptical regarding Musk’s declarations and what the billionaire meant about “a lot of resources” as the denials of service—the type of attack the platform X received—had been executed by individuals or small groups.

An anonymous source in the internet infrastructure industry told Reuters the social media network had been hit by multiple waves of denial of service throughout the day.

In an interview with Fox Business Network, Musk said that the cyberattacks came from IP addresses located in Ukraine. However, Reuter’s source, said that the rouge traffic linked to Ukranian IP addresses was “insignificant” and that a large amount of the malicious traffic attacking X was tracked back to IP addresses in the United States, Brazil, Vietnam, and other regions.

Musk had previously backed President Donald Trump criticizing Ukraine’s fighting strategies against Russians and said on Sunday that their front lines “would collapse” without his Starlink satellite internet service.

Hackers Use TRUMP Coin Scam To Spread Malware Via Fake Binance Emails - 2

Image by Marco Verch, from Ccnull

Hackers Use TRUMP Coin Scam To Spread Malware Via Fake Binance Emails

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Hackers are using a fake Binance website and the promise of TRUMP cryptocurrency to trick victims into installing malware, cybersecurity researchers warn.

In a Rush? Here are the Quick Facts!

  • Victims unknowingly install ConnectWise RAT instead of Binance’s desktop platform.
  • Hackers take remote control of infected computers in under two minutes.
  • The fake website mimics Binance and TRUMP coin pages to appear legitimate.

The phishing campaign, uncovered by Cofense , impersonates Binance—the world’s largest cryptocurrency exchange—offering users a chance to earn TRUMP coins by downloading Binance software and making deposits. Instead, victims end up installing a remote access tool (RAT) that grants hackers control over their computers in under two minutes.

Trump announced the TRUMP coin in January, with companies tied to him allegedly making millions from it. While the cryptocurrency itself is controversial, the phishing scam raises further concerns about cybercrime targeting political supporters, as reported by The Record .

Max Gannon, Intelligence Manager at Cofense, explained the severity of the attack: “Some campaigns have been spoofing LinkedIn, others Binance, Virtru, and even the United States Social Security Administration. Part of the reason it has likely become so popular recently is that it has a lot of features and is free to use and easy to set up,” reported The Record.

“Moreover because it is technically legitimate there are a large number of files that it uses which cannot simply be blocked because they are also used by legitimate installations of ConnectWise RAT,” he added.

The emails convincingly mimic Binance’s branding, even including risk warnings to appear more legitimate. The scam’s fake website also closely resembles Binance and TRUMP coin pages, using real images from both platforms.

However, instead of providing a Binance client, the site delivers a modified version of ConnectWise RAT, a tool that allows cybercriminals to take over infected computers remotely. Once a device is compromised, the attacker wastes no time.

“Shortly after checking in, the threat actor takes remote control of any infected computers. This is in contrast to most ConnectWise RAT installations where the threat actor will only decide to interact with an infected host after some time has passed,” Cofense explained.

Attackers immediately target saved passwords, particularly from browsers like Microsoft Edge. The campaign demonstrates the growing trend of cybercriminals using real-world news and political events to enhance their scams. By leveraging Trump’s highly publicized cryptocurrency, hackers have found an effective way to lure victims.

Cofense explained that ConnectWise RAT’s simplicity makes it accessible to hackers of all skill levels, from inexperienced individuals to advanced persistent threat (APT) groups seeking to conceal their activities.

Security experts advise users to be cautious of unsolicited emails and to avoid clicking links promising financial opportunities. Instead, they recommend visiting official cryptocurrency websites directly to prevent falling victim to scams.