Cybersecurity researchers say X's AI moderation bots are wrongly suspending legitimate accounts and removing years of security research after technical posts are being flagged as "malicious behavior."

Multiple researcher accounts have been suspended in the past week alone, according to several discussions making the rounds on the Musk-owned social media platform.

Security research mistaken for "malicious behavior"

Some users have had posts removed, while others have been outright banned after being flagged for “violating” X’s rules against “illegal and regulated behaviors,” according to fellow security researcher and X user Steve S.

One researcher said even a comment posted five years ago had been reported and taken down from a thread.

“These are known-legitimate researchers that have been contributing to the cybersecurity space for years,” Steve S. posted.

Tagging @elonmusk, they wrote: “For years X/Twitter has remained the de facto gathering place for offensive security research. Unfortunately, if this aggressive enforcement of this opaque policy continues, what remains of the community in this space will be permanently silenced.”

Another widely shared post from Steve S. highlighted a suspension first noted by International Cyber Digest, which described the flagged account as belonging to “Smukx, a malware researcher, red teamer, and offensive security engineer known for his work on low-level malware development and adversary simulation tooling.”

Apparently, explaining “how keyloggers work at the OS level” in a discussion thread was enough to trigger the flag, which was described as simply “standard security research.”

“You can't defend against techniques nobody is allowed to explain,” the media outlet warned.

The astonishing number of valid research posts and accounts targeted this week even had malware repository vx-underground joining the discussion on Friday – using its own brand of humor, of course.

"Cybersecurity researchers keep getting flagged and/or suspended on X. Chat, it's only a matter of time for me. If I die, please collect pictures of cats in my honor,” vx-underground posted.

Researchers share banishment stories

Other users began telling their own incredulous tales of suspension – all while trying to figure out why they were flagged and how to avoid the next wave of banishment.

“Man, I didn't even get reported, I got full on stealth banned to where it said I didn't exist anymore. That was a shocker,” posted malware researcher and cybersecurity advocate EvilSec.

EvilSec happened to be responding to another X post by red teamer and offensive coding instructor, Mr.Un1k0d3r, who was also locked out of their X account this week.

“I guess it is my turn to be flagged. It really feels like Claude is doing all to clean up and flag everything cyber-related. I wish we could have the old Twitter back, Mr.Un1k0d3r said.

Meanwhile, vulnerability hunter Will Dormann, who said he migrated to Mastodon because “Twitter has become unbearable,” recounted his own suspension on the platform.

“I got my account locked for mentioning the name of the G*MP photo editing software. (It's hate speech),” Dormann commented in the thread, referencing GIMP, the open-source image editing tool.

AI bots can’t tell research from cybercrime

Multiple researchers blamed the suspensions on X’s AI-powered moderation system, which they say is penalizing researchers for contributing to deep-dive technical threads.

“This is crazy, content moderation is great, but when done with high-handedness, it becomes a system flaw,” one user wrote.

Researchers also complained that having AI bots run the show, so to speak, has left them with few options for rectifying what they say are illegitimate suspensions.

According to Steve S., the AI bots’ route a user’s appeals right back through automated systems rather than human Trust & Safety teams, leaving bona fide researchers indefinitely locked out of their accounts and potentially erasing years of historical research data.

Not surprisingly, these types of indiscriminate bans are apparently not limited to X. Attempting to explain the predicament, X user DissentingSkeptic stressed that “AI is extremely buggy and cannot understand context.”

He also noted that Facebook has used the same mechanisms, resulting in the similar removal of legitimate accounts, including his own, with “no staff left to respond to appeals.”

Furthermore, it appears that no one really knows which AI models are being used to power the automated moderation systems, with some suggesting Grok, and others pointing to Anthropic’s Claude.

“I hope some resolution to this issue is found quickly. Some of the best relationships I've built in the offensive security community originated on this platform, and it would be disappointing for the next generation of researchers to not have that opportunity,” Steve S. said.

---

Unlock more exclusive Cybernews content on YouTube.