mastodon.social is currently experiencing a DDoS attack, according to the status page.

Reply to mastodon.social is currently experiencing a DDoS attack, according to the status page. on Mon, 20 Apr 2026 18:12:32 GMT

iampytest1@infosec.exchange — Mon, 20 Apr 2026 18:12:32 GMT

@reflex They have? I wasn't aware of that.

That does make me more skeptical of their claims.

Reply to mastodon.social is currently experiencing a DDoS attack, according to the status page. on Mon, 20 Apr 2026 18:09:52 GMT

reflex@retrogaming.social — Mon, 20 Apr 2026 18:09:52 GMT

@iampytest1 They have in the past blamed an outage on a DDoS only to later admit it was their own code. I won't assume they were telling the truth again without evidence.

Reply to mastodon.social is currently experiencing a DDoS attack, according to the status page. on Mon, 20 Apr 2026 18:05:05 GMT

iampytest1@infosec.exchange — Mon, 20 Apr 2026 18:05:05 GMT

@reflex I wouldn't take them not mentioning the DDoS in their update today as retracting their prior statements saying it was a DDoS. Since the previous post explicitly mentioned the DDoS was ongoing, I see the lack of a mention as more likely intended to convey the fact the DDoS was believed to be over (see https://bsky.app/profile/bsky.app/post/3mjwxhedylc2o).

I don't disagree that BlueSky should provide more details on the attack, but I'm hesitant to interpret the lack of information as evidence of dishonesty.
I also think BlueSky should address 313 Team claiming responsibility - even if they don't have evidence to refute or confirm that claim. It is possible BlueSky isn't aware of 313 Team's message, assuming it exists - I'm not sure when it came out, and no reliable source has reported on it.
They also might be cautious about involving themselves in the geopolitics of it, since actual confirmed attacks by Iran-based hackers have been in retaliation for the US and Israel's war (BlueSky is a US company).

Reply to mastodon.social is currently experiencing a DDoS attack, according to the status page. on Mon, 20 Apr 2026 17:52:48 GMT

reflex@retrogaming.social — Mon, 20 Apr 2026 17:52:48 GMT

@iampytest1 I mean, they just issued a final update and dropped the DDoS claim entirely, so there is that.

https://retrogaming.social/@mastodonmigration@mastodon.online/116438282348210206

Reply to mastodon.social is currently experiencing a DDoS attack, according to the status page. on Mon, 20 Apr 2026 17:51:38 GMT

iampytest1@infosec.exchange — Mon, 20 Apr 2026 17:51:38 GMT

@reflex BlueSky's employees and spokespeople have called it a DDoS, and I assume that is based on backend data showing the traffic didn't have some normal origin.

What evidence is there to suggest BlueSky's assessment is wrong, or that they are lying about the cause of the outage?

Furthermore, 313 Team - a group affiliated with Iran - has reportedly claimed responsibility for the attack.
That said, I have not been able to independently confirm 313 Team's message as I don't have a Telegram account, and they have lied before about being responsible for outages which in actuality weren't cyberattacks.

Reply to mastodon.social is currently experiencing a DDoS attack, according to the status page. on Mon, 20 Apr 2026 17:17:27 GMT

reflex@retrogaming.social — Mon, 20 Apr 2026 17:17:27 GMT

@iampytest1 So far no evidence has been presented to support the narrative that BlueSky was DDoS'd either.

Reply to mastodon.social is currently experiencing a DDoS attack, according to the status page. on Mon, 20 Apr 2026 16:49:43 GMT

iampytest1@infosec.exchange — Mon, 20 Apr 2026 16:49:43 GMT

Last week, Mastodon competitor BlueSky also experienced a DDoS.
Currently, no evidence suggests a connection between the two attacks.

https://techcrunch.com/2026/04/17/its-not-just-you-bluesky-is-sorta-down/