bbc.com
Liv McMahon
Technology reporter
Elon Musk's X and Grok platforms are facing increased scrutiny from authorities on both sides of the channel.
The French offices of Elon Musk's X have been raided by the Paris prosecutor's cyber-crime unit, as part of an investigation into suspected offences including unlawful data extraction and complicity in the possession of child sexual abuse material (CSAM).
The prosecutor's office also said both Musk and former X chief executive Linda Yaccarino had been summoned to appear at hearings in April.
In a separate development, the UK's Information Commissioner's Office (ICO) announced a probe into Musk's AI tool, Grok, over its "potential to produce harmful sexualised image and video content."
Writing on X, Musk said the raid was a "political attack".
The company said in a statement that it was "disappointed" but "not surprised," and accused the Paris Public Prosecutor's office of an "abusive act."
X also denied any wrongdoing and said the raid "endangers free speech."
The investigation began in January 2025 when French prosecutors started looking into content recommended by X's algorithm, before being widened in July that year to include Musk's controversial AI chatbot, Grok.
Yaccarino also took to X to accuse French prosecutors of carrying out "a political vendetta against Americans."
"To be clear: they are lying," added Yaccarino, who left the firm last year.
Following Tuesday's raid, French prosecutors say they are now investigating whether X has broken the law across multiple areas.
Among potential crimes it said it would investigate were complicity in possession or organised distribution of CSAM, infringement of people's image rights with sexual deepfakes and fraudulent data extraction by an organised group.
New UK investigation
Meanwhile, UK authorities have given an update on their investigations into sexual deepfakes created by Grok and shared on X.
The images - often made using real images of women without their consent - prompted a barrage of criticism in January from victims, online safety campaigners and politicians.
The company eventually intervened to prevent the practice, after Ofcom and others launched investigations.
In an update on Tuesday, Ofcom said it was continuing to investigate the platform and was treating it as "a matter of urgency".
But it added it was currently unable to investigate the creation of illegal images by Grok in this case because it did not have sufficient powers relating to chatbots.
However, shortly afterwards the ICO said it was launching its own probe, in conjunction with Ofcom, into the processing of personal data in relation to the Grok.
"The reports about Grok raise deeply troubling questions about how people's personal data has been used to generate intimate or sexualised images without their knowledge or consent, and whether the necessary safeguards were put in place to prevent this," said William Malcolm, the ICO's executive director for regulatory risk & innovation.
In late January, the European Commission announced an investigation into its parent company xAI over concerns about the images.
A Commission spokesperson said it was in touch with France over its search of X's office in Paris.
'Not a free country'
Pavel Durov - founder of the messaging app Telegram - criticised the French authorities on Tuesday, accusing France of being "the only country in the world that is criminally persecuting all social networks that give people some degree of freedom".
"Don't be mistaken: this is not a free country," he added in a post on X.
Durov was arrested and detained in France in August 2024 over alleged moderation lapses on his messaging app, which the Paris prosecutor's office said had failed to curb criminal activity.
He was permitted to leave the country last March after the platform made some changes to the way it operates following the arrest.
These included sharing some user data with authorities in response to legal requests.
On 12 June 2025, dozens of anonymous X (formerly Twitter) accounts advocating Scottish independence abruptly went silent. Many had posted hundreds of times per week, often using pro-independence slogans, anti-UK messaging, and identity cues like “NHS nurse” or “Glaswegian socialist.”
Their sudden disappearance coincided with a major Israeli airstrike campaign against Iranian military and cyber infrastructure. Within days, Iran had suffered severe power outages, fuel shortages, and an internet blackout affecting 95 percent of national connectivity.
What appeared at first glance to be a curious coincidence has since emerged as the most visible rupture to date in a long-running foreign influence operation.
US man who hacked SEC’s X account to spike Bitcoin price sentenced to prison
Eric Council Jr., 26, was sentenced to 14 months in prison and three years of supervised release on Friday for participating in the hack of the official X account of the U.S. Securities and Exchange Commission.
The U.S. Department of Justice announced the sentencing in a press release. Council and other hackers took over the SEC’s X account in 2024 to falsely announce that the agency had approved Bitcoin exchange traded funds, or ETFs, which shot up the price of the cryptocurrency before later dropping.
According to the DOJ, Council and his co-conspirators performed a SIM swap attack against the cellphone account of a person who had access to the SEC’s X account, which allowed the hackers to take control of their phone number. From there, the hackers reset the password of the SEC’s X account, granting them control of the account.
Russian media outlet RT ran the bot farm to pump out disinformation via 968 Twitter accounts, the US Justice Department says.
An “unauthorized party” hijacked the cell phone number of the person running the SEC’s X account before taking over the social media feed and posting messages.
In a statement on Monday, an SEC spokesperson explained that two days after the January 9 account takeover, the government agency spoke to its telecom carrier and discovered that someone “obtained control of the SEC cell phone number associated with the account in an apparent ‘SIM swap’ attack.”
The X account of the U.S. Securities and Exchange Commission, which is deciding whether to approve bitcoin ETFs, "was compromised," the regulator told CoinDesk.
The official Netgear and Hyundai MEA Twitter/X accounts (together with over 160,000 followers) are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware.
Hackers are increasingly targeting verified accounts on X (formerly Twitter) belonging to government and business profiles and marked with 'gold' and 'grey' checkmarks to promote cryptocurrency scams, phishing sites, and sites with crypto drainers.
Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.
Musk's mega-app-in-waiting goes from chopping headlines to profile URLs
An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence.
Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.
Chinese sextortion scam accounts flood X (previously Twitter) after the platform introduced a blue-check policy allowing users to buy verified badges.
PlugwalkJoe, aka Joseph James O’Connor, a UK citizen connected to the 2020 Twitter hack affecting many high-profile accounts, including Elon Musk, Joe Biden, Barack Obama, and Apple, has pled guilty to cyberstalking and other crimes. On Tuesday, the Department of Justice (DOJ) announced that O’Connor has been extradited to the US.
We detected Mac malware MacStealer spreading via websites, social media, and messaging platforms Twitter, Discord, and Telegram. Cybercriminals lure victims to download it by plagiarizing legitimate play-to-earn (P2E) apps’ images and offering jobs as beta testers.
No passwords, but plenty of stuff for social engineering and doxxing
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They're asking $200,000 for an exclusive sale.
The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.
We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.
NetBlocks metrics confirm the restriction of Twitter in Russia from the morning of Saturday 26 February 2022. Facebook servers have subsequently been restricted as of Sunday. The restrictions are in ...
