Mastodon Hit by DDoS Attack Following Similar Bluesky Disruption On April 20, 2026, the decentralized social media platform Mastodon experienced a significant distributed denial-of-service (DDoS) attack, just days after a comparable incident disrupted Bluesky. The attack caused widespread outages for users of the open-source microblogging platform before Mastodon’s team successfully mitigated the issue within hours. Mastodon’s official updates outlined the attack’s progression: - 12:58 PM (April 20): The platform confirmed an ongoing DDoS attack and began investigating. - 3:05 PM (April 20): Countermeasures were deployed, restoring accessibility while monitoring continued. While the hacker collective 313 Team claimed responsibility for the earlier Bluesky attack, no group has publicly taken credit for the Mastodon disruption. The incident highlights the growing vulnerability of decentralized platforms to large-scale cyber threats. Service was fully restored by the end of the day.

Mastodon’s Flagship Server Hit by DDoS Attack, Causing Temporary Outages Mastodon’s primary server, mastodon.social, was targeted by a distributed denial-of-service (DDoS) attack on Monday, rendering the instance intermittently inaccessible. Users encountered error messages or full-screen outage warnings as the platform struggled under the assault. Mastodon acknowledged the attack in a status update at approximately 7 a.m. ET, confirming it was investigating the incident. By 9:05 a.m. ET, the team implemented countermeasures, restoring access, though some instability persisted as the attack continued. The attack follows a similar DDoS incident targeting Bluesky, another decentralized social network, which experienced days-long outages before stabilizing on April 16. Mastodon reported that the attack involved millions of malicious requests, consistent with a DDoS pattern, but only mastodon.social was affected other instances in the Fediverse remained operational. Andy Piper, Mastodon’s head of communications, highlighted the resilience of decentralized networks, noting that users on other servers were unaffected and could continue posting without disruption. DDoS attacks overwhelm servers with junk traffic, causing outages without stealing data. While disruptive, their impact on decentralized platforms like Mastodon and Bluesky is often limited to specific instances rather than the entire network.