Mastodon reports DDoS attack targeting its main server
Mastodon confirms its flagship server was hit by a DDoS attack, raising concerns over platform stability, security, and decentralised network resilience.
Decentralised social networking platform Mastodon has confirmed that its main server was hit by a distributed denial-of-service (DDoS) attack on Monday, temporarily making parts of the service inaccessible and causing outages for users.
The company, which operates its flagship instance Mastodon.social, reported that users experienced error messages and full-page downtime warnings during the disruption. At around 7 a.m. ET, Mastodon said it had identified the incident and was actively investigating what it described as a cyberattack.
By 9:05 a.m. ET, the platform announced that it had deployed countermeasures to mitigate the attack and restore access to the site. While service was brought back online, Mastodon warned that intermittent instability could continue as the situation remained active.
The incident comes just days after another decentralised social platform, Bluesky, was hit by a prolonged DDoS attack that caused multi-day disruptions before the service stabilised. Bluesky confirmed on April 17 that although the attack was still ongoing, its platform had remained stable since April 16 at 9 p.m. PDT.
In Mastodon’s case, the company said the attack involved millions of malicious requests, consistent with a typical DDoS pattern aimed at overwhelming server infrastructure. So far, only the Mastodon.social instance appears to have been targeted, while other servers across the broader Mastodon network remain unaffected.
A Mastodon spokesperson said the platform restored access within a few hours of the attack beginning. Andy Piper, Mastodon’s head of communications, emphasised that the decentralised structure of the Fediverse helped limit the impact.
“This is a decentralised nature of the Fediverse that is a true advantage,” Piper said. He noted that users on other Mastodon instances, as well as on other Fediverse-compatible platforms, were unaffected and able to continue using the network normally.
DDoS attacks function by flooding targeted servers with extremely large volumes of traffic, overwhelming systems and making services temporarily unavailable. While these attacks do not typically involve data theft, they can still cause significant disruption for users and services.
Security researchers have warned that DDoS attacks have become increasingly powerful in recent years. In 2025, cybersecurity firm Cloudflare reported mitigating what it described as the largest recorded DDoS attack, peaking at 29.7 terabits per second. In decentralised networks like Mastodon, attacks tend to affect individual servers rather than the entire ecosystem. This was also observed in the recent Bluesky incident, where users on alternative compatible servers were able to continue accessing the network even during outages.