• Home
  • cyber
  • Mastodon.social: Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit
cyber Cyber Attack

Mastodon.social: Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Apr 15, 2026 2 min read
Mastodon.social: Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Bluesky Recovers After Multi-Day DDoS Attack by Pro-Iran Hacking Group

Bluesky, the decentralized social media platform, restored full service on 20 April 2026 following a Distributed Denial-of-Service (DDoS) attack that disrupted operations for nearly five days. The incident began at 11:40 PM PDT on 15 April, when users reported feeds failing to refresh, followed by widespread outages including broken notifications, search functions, and thread access.

Bluesky confirmed the attack targeted its API, overwhelming servers with junk traffic to sever communication between the app and its backend. While the platform initially described the issue as "service interruptions," it later acknowledged a "sophisticated DDoS attack" that escalated throughout 16 April. The company provided updates via its status page and X (formerly Twitter), stating no evidence of unauthorized data access was found.

The attack was claimed by the 313 Team (Islamic Cyber Resistance in Iraq), a pro-Iran hacking collective known for targeting entities perceived as aligned with the U.S. or Israel. The group, which has recently disrupted Bahraini government websites, prioritizes disruption over data theft, often publicizing its attacks on Telegram. On 20 April, the same group briefly targeted Mastodon.social, though the federated platform’s distributed infrastructure mitigated the impact.

With 43.7 million users, Bluesky’s outage raised concerns about data security, but the company reiterated that DDoS attacks do not compromise user information. By 9 PM PDT on 16 April, the platform stabilized, and a final update on 20 April declared the incident resolved. The attack highlights the persistent threat of ideologically motivated cyber disruptions, particularly from groups leveraging social media platforms as high-profile targets.

Source: https://hackread.com/bluesky-online-ddos-attack-iran-313-team/

A New Social cybersecurity rating report: https://www.rankiteo.com/company/a-new-social

"id": "A-N1776868414",
"linkid": "a-new-social",
"type": "Cyber Attack",
"date": "4/2026",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'customers_affected': '43.7 million users',
                        'industry': 'Technology',
                        'name': 'Bluesky',
                        'type': 'Social media platform'}],
 'attack_vector': 'API',
 'customer_advisories': 'Updates via status page and X (formerly Twitter)',
 'data_breach': {'data_exfiltration': 'No evidence of unauthorized data '
                                      'access'},
 'date_detected': '2026-04-15T23:40:00-07:00',
 'date_publicly_disclosed': '2026-04-16',
 'date_resolved': '2026-04-20',
 'description': 'Bluesky, the decentralized social media platform, restored '
                'full service on 20 April 2026 following a Distributed '
                'Denial-of-Service (DDoS) attack that disrupted operations for '
                'nearly five days. The incident began at 11:40 PM PDT on 15 '
                'April, when users reported feeds failing to refresh, followed '
                'by widespread outages including broken notifications, search '
                "functions, and thread access. The attack targeted Bluesky's "
                'API, overwhelming servers with junk traffic to sever '
                'communication between the app and its backend. The attack was '
                'claimed by the 313 Team (Islamic Cyber Resistance in Iraq), a '
                'pro-Iran hacking collective.',
 'impact': {'data_compromised': 'No unauthorized data access',
            'downtime': 'Nearly five days',
            'operational_impact': 'Widespread outages, disrupted user '
                                  'experience',
            'systems_affected': 'API, notifications, search functions, thread '
                                'access'},
 'investigation_status': 'Resolved',
 'motivation': 'Ideologically motivated disruption',
 'post_incident_analysis': {'root_causes': 'DDoS attack targeting API with '
                                           'junk traffic'},
 'references': [{'source': 'Bluesky status page and X (formerly Twitter)'}],
 'response': {'communication_strategy': 'Updates via status page and X '
                                        '(formerly Twitter)',
              'containment_measures': 'Stabilized platform by 9 PM PDT on 16 '
                                      'April',
              'recovery_measures': 'Restored full service on 20 April 2026'},
 'threat_actor': '313 Team (Islamic Cyber Resistance in Iraq)',
 'title': 'Bluesky Recovers After Multi-Day DDoS Attack by Pro-Iran Hacking '
          'Group',
 'type': 'DDoS'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.