The decentralized social platform Mastodon said that its flagship instance, mastodon.social, suffered a large-scale distributed denial of service (DDoS) attack on Monday local time, leaving the website almost inaccessible for a period of time. Many users saw only error messages or full-screen downtime warnings when opening the page.

The Mastodon team issued a status update at approximately 7 a.m. ET on Monday, saying that it had confirmed it was experiencing a cyberattack and was investigating. By around 9:05 EST, Mastodon said it had enabled "countermeasures" against the DDoS attack and that the site was accessible again. However, the team also cautioned that because the attack was still ongoing, the platform might remain unstable for a period of time.

The cyberattack on Mastodon came shortly after another decentralized social service, Bluesky, dealt with its own "tug-of-war" outage. Last week, Bluesky experienced frequent service outages due to DDoS attacks that lasted for several days. The platform subsequently stated in an update on April 17 that the attacks were still ongoing, but that the service had generally remained stable as of 9 p.m. (Pacific Time) on April 16, and it reconfirmed the current stable situation in its latest note today.

Mastodon has not given the media any further explanation of the specific cause or source of the attack. Judging from the screenshots of the event timeline released by Mastodon, the attack focused on its officially operated large-scale instance, mastodon.social, and did not affect the many small and medium-sized instances that make up the Mastodon federation network. This means that even if the flagship server encounters severe interference, the decentralized social network as a whole will not be completely paralyzed, and users on other instances can still use the service relatively normally.

In a distributed denial of service attack, the attacker uses a large number of devices to send massive volumes of junk requests to the target application or web server at the same time, exhausting its resources so that legitimate users cannot access the service. This type of attack usually does not aim to steal data, but it causes significant damage to service availability and greatly interferes with the user experience. Security company Cloudflare said last year that it successfully blocked the largest DDoS attack to date, with a peak bandwidth of 29.7 Tbps, which is equivalent to flooding the target with data that could fill thousands of hard drives every minute. This shows that the power of such attacks has grown exponentially in recent years.

In a decentralized social network, DDoS attacks often cause some service nodes to become unstable or go down. However, because the network is composed of multiple interconnected instances, not all users are affected. Taking Bluesky as an example, some users were largely unaffected by the previous round of attacks after migrating their accounts to other service providers (such as Blacksky) that run on the same protocol and interoperate with Bluesky. Similarly, this attack on Mastodon is currently focused on mastodon.social, with some smaller, geographically distributed instances remaining online.