DDoS wave continues as Mastodon hit after Bluesky incident
Pierluigi Paganini
April 22, 2026
April 22, 2026 
Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours.
Mastodon was hit by a major DDoS attack just days after a similar disruption affected Bluesky. Mastodon is a free and open-source software platform for decentralized social networking with microblogging features similar to X.
The attack caused a major outage, impacting users across the decentralized platform. However, Mastodon’s team responded quickly and mitigated the issue within a few hours, restoring normal service.
Below is the timeline of the attack:
- April 20, 2026 at 12:58 PM – We are currently experiencing a DDoS attack. We are actively investigating the issue.
- April 20, 2026 at 3:05 PM – We have implemented countermeasure against the DDoS attack, and the site is accessible. We are continuing to monitor the situation.
- April 20, 2026 at 12:58 PM – We are currently experiencing a DDoS attack. We are actively investigating the issue.
A group called 313 Team claimed responsibility for the attack on Bluesky, but no threat actor has publicly taken credit for the Mastodon attack.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, DDOS)
