Technology

I'm checking the Xitter page of the alleged source of the attacks, SN_Blackmeta. But what caught my attention the most was another message. And overall the account.

• Their group was formed in April 2024. It's an extremely new group.
• Their targets overall seem too "random".
• They're using Xitter dammit. Do they not care about their own security?
• Whoever wrote the English version of the text speaks Dutch or German. Probably Dutch, as their spelling corrector is "fixing" words like "beginning" into "beginnen", "witne[ssed]" to "witten[seed]", etc.
• Don't trust me on what I'm going to say as I don't speak Russian, but there's also something off with their Russian version of the text. Typically Russian doesn't use a comma after time expressions like "в этот день" (on this day); you could argue that it's there due to that parenthetical expression (7 апреля 2024 года), but even its presence feels off. Also the fact that they spelled out "года" instead of just "г.".

If I had to take some bets: the group is from Western Europe, not Russia or any country where Arabic is the dominant language. They're likely skript kiddos trying to take the "glory" of attacks conducted by someone else; if they aren't, my second guess would be that they're doing it just to call attention to themselves ("look ma! I'm a haxor!!! I'm so cool!! X-D" style).