Following a similar assault on Bluesky just days prior, the decentralized social media platform Mastodon has also been targeted in a major distributed denial-of-service (DDoS) attack.
The attack targeted Mastodon.social, the flagship Mastodon server, and caused what the organization classified as a ‘major outage’.
According to the Mastodon status page, the DDoS attack started on April 20 at around 1 PM, and by 4 PM mitigations were rolled out and the site became accessible.
An update shared on April 21 at 11 AM showed that the attack stopped and operations had returned to normal.
The DDoS attack came just days after Bluesky, a similar social media platform, was disrupted by what it described as a sophisticated attack.
A threat actor called 313 Team, which claims to be a pro-Iran hacktivist group, took responsibility for the attack, but their claims have not been verified.
No one appears to have taken credit publicly for the attack on Mastodon.
Both Mastodon and Bluesky surged in popularity following Elon Musk’s acquisition of X (formerly Twitter), positioning themselves as decentralized refuges from top-down control, unpredictable algorithms, and erratic moderation.
Related: Critical Vulnerability Can Allow Takeover of Mastodon Servers
Related: 53 DDoS Domains Taken Down by Law Enforcement
Related: German Rail Giant Deutsche Bahn Hit by Large-Scale DDoS Attack
