On Monday, Mastodon’s flagship server was targeted by a distributed denial-of-service (DDoS) attack, causing disruptions and rendering the instance unusable at intervals. Large portions of the site were inaccessible, displaying error messages or a full-screen outage alert. Mastodon, the creator of the decentralized social networking software and operator of the mastodon.social instance, reported in a status update around 7 a.m. ET on Monday that they were investigating the cyberattack. By 9:05 a.m. ET, Mastodon announced it had taken countermeasures against the DDoS attack and had restored accessibility to the site, though they cautioned that some instability might persist as the DDoS attack continued.
The attack on Mastodon follows recent events in which Bluesky, another decentralized social network, dealt with extended outages due to a long-lasting DDoS attack. As of Bluesky’s update on April 17, the DDoS attack was continuing, but the service had been stable since April 16 at 9 PM PDT, and a more recent update confirmed the continued stability. Mastodon representatives did not immediately respond to inquiries about the cause of the cyberattack when contacted by TechCrunch.
DDoS attacks involve overwhelming an app or website’s servers with excessive junk web traffic, with the intention of disabling them, but do not involve data theft. These attacks have become increasingly potent, and last year, Cloudflare mitigated the largest recorded DDoS attack, which peaked at 29.7 terabits per second. When directed at decentralized social networks, the attacks can cause instability and outages, but not everyone is affected. For instance, during Bluesky’s incident, users who migrated to other providers using the same protocol, like Blacksky, were unaffected. Similarly, the attack on Mastodon primarily targeted the larger server mastodon.social, leaving smaller instances within the network unaffected.
