The DDoS attack that took down Twitter and slowed Facebook was apparently targeted at a single person.
According to Facebook's chief security officer Max Kelly the target of the attacks was an anti-Russian blogger, operating under the username Cyxymu, on the anniversary of Georgian troops invading South Ossettia.
"It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard," Kelly told CNet.
"We're actively investigating the source of the attacks and we hope to be able to find out the individuals involved in the back end and to take action against them if we can."
Spam or revenge?
Security expert and TechRadar columnist Graham Cluley of Sophos thinks that some suggestions that spam was the actual cause of the Twitter crash was wide of the mark, but does have an alternative theory.
"Some media reports have suggested that the surge in internet traffic that crippled Twitter wasn't the result of a distributed denial-of-service attack, but caused by spam recipients clicking on the links to Cyxymu's webpages," said Cluley on his blog.
"I don't think that's likely. Most people wouldn't have bothered clicking on the link.
"However, I think it is possible that the spam campaign was either run alongside the denial-of-service from compromised computers around the world, or that someone who wasn't responsible for the Joe Job decided to wreak revenge on whoever they believed to have spammed them (and they might have imagined it was Cyxymu) by launching a DDoS from their botnet."
Whatever the outcome, Twitter and Facebook will be spending the day and possibly the weekend getting to the bottom of exactly what happened.
Article continues below