FOLLOWING a disruption to Bluesky, Mastodon was targeted in a major DDoS attack on its flagship Mastodon[.]social server, causing a “major outage” before mitigations were rolled out and the site came back online. According to the Mastodon status page, the DDoS attack began on 20 April at around 1 PM, with access restored by 4 PM that day. An update on 21 April at 11 AM stated that the attack had stopped and operations had returned to normal.
The incident is claimed by a threat actor called 313 Team, which describes itself as a pro-Iran hacktivist group, though their claims have not been verified; no one has publicly claimed responsibility for the Mastodon attack beyond that attribution. SecurityWeek notes that Mastodon and Bluesky have both risen in popularity as decentralised alternatives to top-down social media platforms following Elon Musk’s acquisition of X.