Mastodon’s flagship server was hit by a distributed denial-of-service attack on Monday, the social networking software maker said, rendering the app unusable at times.
Much of the site was inaccessible, throwing error messages or displaying a full-screen shutdown warning.
The makers of the decentralized social networking software, which works official mastodon.social example, he said to a status update around 7 am ET on Monday that it was investigating the cyber attack.
By 9:05 am ET, Mastodon said it implemented a “countermeasure against the DDoS attack and the site is accessible.” However, the company warned that some volatility may continue to be experienced as the attack progresses.
The cyber attack targeting Mastodon comes days after Bluesky, another decentralized social network, resolved many of its multi-day outages following a lengthy DDoS attack. From Bluesky’s modernize on April 17, the DDoS attack continues, but its service is stable as of April 16 at 9 p.m. PDT. Today’s update confirmed continued stability.
Mastodon representatives did not immediately comment on the cause of the cyberattack when contacted by TechCrunch.
Distributed Denial of Service (DDoS) attacks rely on sending massive amounts of spam web traffic to an application’s or website’s servers, with the goal of knocking them offline. These cyber attacks do not involve data theft, but DDoS attacks can be annoying for users.
DDoS attacks have become exponentially more powerful over the years. Last year, network security firm Cloudflare said it mitigated what it says was the largest DDoS attack to date, measuring a peak speed of 29.7 terabits per second, equivalent to filling thousands of hard drives with data every minute.
When targeting decentralized social networking services, attacks can cause instability and outages, but not everyone is offline. In the case of Bluesky, for example, those who had transferred their account to other providers, such as Blacksky, which operate on the same protocol and interoperate with Bluesky, were not affected.
Likewise, the attack on Mastodon has so far only targeted the largest server (mastodon.social) and not the many smaller instances that make up the full Mastodon social network.
