On Sunday night, security researcher Mysk noticed something strange happening on X. It noticed it couldn’t send links to its signal account across X, either via DM or public post. When they tried, they got an error message telling them that the request looked like it was automated.
I can’t send a link to my Signal account through X DM. It says: “This request looks like it might be automated.” But other links work 🧐 pic.twitter.com/MpHZugpJE4
— Mysk 🇨🇦🇩🇪 (@mysk_co) February 17, 2025
For about 48 hours, users couldn’t send direct links to their Signal account across X’s DMs, public posts, or add the link to their bio. If people attempted to click existing links to Signal accounts, X warned them that they may be following a malicious link. As of Tuesday morning, with no explanation from X about what was going on, it all seems to have gone away.
Signal is an encrypted messaging app that’s grown in popularity over the past year. It’s one of the only messaging apps with strong end-to-end encryption that’s not monitored by a giant social media company with friendly ties to a world government and a history of turning over the contents of the messages to law enforcement at the drop of a hat.
A lot of people use WhatsApp, but that’s controlled by Meta. And last year, a massive breach of SMS protocols called Salt Typhoon proved that basic text messages aren’t secure. No messaging platform is 100 percent safe, but Signal is about as safe as it gets.
And for a few days, X seemed to think bits of Signal were malicious malware. As journalist Matt Binder first reported in his newsletter, the X block seemed to specifically affect “Signal.me” links. Signal.me is a domain that the encrypted messaging app uses to create a direct link to someone’s app. Signal can use phone numbers, but it’s also possible to generate a link that will open a DM to a person if you click it.
X would not populate Signal.me links on Sunday and Monday. “This request looks like it might be automated,” a pop-up would say if you tried to send one via a DM on X. “To protect our users from spam and other malicious activity, we can’t complete this action right now. Please try again later.”
Attempting to post the link directly on X also returned an error message. “We can’t complete this request because this link has been identified by X or our partners as being potentially harmful.” Attempting to put a link to your Signal account in the bio would also return an error. “Account update failed: Description is considered malware.”
On Tuesday morning when I sat down to confirm that this was still going on, it was gone. Everything worked. I could update my bio, send Signal.me links via a DM, and even post a Signal.me link. X did not respond to my request for comment, and it rarely talks to the press, so this will probably remain a mystery.
Blocking portions of Signal on X is weird but it’s also in keeping with how Elon Musk has run the business. The social media platform has restricted links to outside sites like Mastodon, Facebook, Instagram, and Bluesky for years. He often suspends accounts that are critical of him or his operations.
The weird move around Signal comes at a time when Musk is running a supra-government agency that’s gutting the federal government and whistleblowers and leakers are communicating with journalists, often via Signal.
