Mastodon Hit by DDoS Attack Following Similar Bluesky Disruption On April 20, 2026, the decentralized social media platform Mastodon experienced a significant distributed denial-of-service (DDoS) attack, just days after a comparable incident disrupted Bluesky. The attack caused widespread outages for users of the open-source microblogging platform before Mastodon’s team successfully mitigated the issue within hours. Mastodon’s official updates outlined the attack’s progression: - 12:58 PM (April 20): The platform confirmed an ongoing DDoS attack and began investigating. - 3:05 PM (April 20): Countermeasures were deployed, restoring accessibility while monitoring continued. While the hacker collective 313 Team claimed responsibility for the earlier Bluesky attack, no group has publicly taken credit for the Mastodon disruption. The incident highlights the growing vulnerability of decentralized platforms to large-scale cyber threats. Service was fully restored by the end of the day.

Bluesky Hit by Prolonged DDoS Attack, Causing Widespread Service Disruptions Bluesky, the decentralized social media platform, has been battling a sustained distributed denial-of-service (DDoS) attack since April 15, leading to repeated outages and degraded service. The attack, which began around 8:40 p.m. Eastern Time, has overwhelmed the platform’s infrastructure with a flood of malicious traffic, disrupting core features such as timelines, notifications, threads, and search. According to Bluesky COO Rose Wang, the attack is part of an ongoing cyber campaign targeting the platform. While DDoS attacks do not compromise internal systems or user data, they cripple service availability by overwhelming servers with bogus requests. Users have reported intermittent access issues, with error messages indicating rate limits and server strain. Bluesky’s status page, currently unavailable, previously acknowledged the incident, stating that engineers were investigating disruptions in one of its regions. The company has pledged to provide updates on mitigation efforts by 1:00 p.m. Eastern Time on Friday. Despite the disruptions, Bluesky has assured users that their data remains secure. The attack highlights the vulnerability of emerging platforms to large-scale cyber threats, with Bluesky’s team working to restore full functionality as the situation evolves.

Bluesky Hit by Prolonged DDoS Attack Amid Hacktivist Claims Bluesky, the decentralized social media platform, experienced service disruptions last week following a sophisticated distributed denial-of-service (DDoS) attack. The assault began late on April 15 (Pacific Time) and persisted for roughly 24 hours, causing intermittent outages affecting user feeds, notifications, threads, and search functionality. The company confirmed that while the attack disrupted operations, there was no evidence of unauthorized access to private user data. Bluesky stated it successfully mitigated the attack, preventing prolonged downtime despite its duration. A hacktivist group calling itself 313 Team (also known as Islamic Cyber Resistance in Iraq) claimed responsibility for the attack, asserting it would last only three hours a claim that proved inaccurate. The group, which has been active amid geopolitical tensions involving the U.S., Israel, and Iran, has a history of making unverified or exaggerated statements. Security experts note that such groups may sometimes serve as fronts for state-affiliated actors. The incident follows a recent surge in high-profile DDoS attacks, including law enforcement takedowns of DDoS-for-hire domains and record-breaking botnet-driven assaults on infrastructure targets.

Mastodon’s Flagship Server Hit by DDoS Attack, Causing Temporary Outages Mastodon’s primary server, mastodon.social, was targeted by a distributed denial-of-service (DDoS) attack on Monday, rendering the instance intermittently inaccessible. Users encountered error messages or full-screen outage warnings as the platform struggled under the assault. Mastodon acknowledged the attack in a status update at approximately 7 a.m. ET, confirming it was investigating the incident. By 9:05 a.m. ET, the team implemented countermeasures, restoring access, though some instability persisted as the attack continued. The attack follows a similar DDoS incident targeting Bluesky, another decentralized social network, which experienced days-long outages before stabilizing on April 16. Mastodon reported that the attack involved millions of malicious requests, consistent with a DDoS pattern, but only mastodon.social was affected other instances in the Fediverse remained operational. Andy Piper, Mastodon’s head of communications, highlighted the resilience of decentralized networks, noting that users on other servers were unaffected and could continue posting without disruption. DDoS attacks overwhelm servers with junk traffic, causing outages without stealing data. While disruptive, their impact on decentralized platforms like Mastodon and Bluesky is often limited to specific instances rather than the entire network.