Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit
Bluesky recovers from 24-hour DDoS attack claimed by Iran-linked 313 Team.
Summary
Bluesky social network experienced a roughly 24-hour DDoS attack starting April 15, 2026, disrupting services for millions of users. The Iran-linked threat actor 313 Team (Islamic Cyber Resistance in Iraq) claimed responsibility on Telegram. Bluesky confirmed no data breach occurred and services stabilized by April 16 evening.
Full text
Security Cyber AttacksBluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit Bluesky is back online after a roughly 24-hour DDoS attack disrupted services, with the Iran-linked 313 Team claiming responsibility and no data breach reported. byDeeba AhmedApril 22, 20262 minute read Bluesky, the widely used alternative to Twitter/X, is back to normal after several days of outages that left the platform nearly empty. The issue began on 15 April 2026 at around 11:40 PM PDT, when feeds stopped refreshing. By the next morning, the whole thing had fallen apart as notifications didn’t show up, search was dead, and users couldn’t even open a thread. According to Bluesky’s official statement, the site was hit by a Distributed Denial-of-Service (DDoS) attack. In this case, hackers flooded the site’s API (Application Programming Interface), which carries information between your phone and the app’s servers, with junk traffic to jam the system, successfully cutting the communication lines for millions. Bluesky kept it understated while they fought to stay online, telling everyone on X.com– “We are experiencing some service interruptions and our team is working on the issue.” We are experiencing some service interruptions and our team is working on the issue. You can find the latest updates at status.bsky.app or follow @status.bsky.app.— Bluesky (@bsky.app) 2026-04-16T14:13:22.425Z Our team received a report of intermittent app outages at about 11:40pm PDT on April 15, 2026. They worked through the night to mitigate a sophisticated Distributed Denial-of-Service (DDoS) attack, which intensified throughout the day.— Bluesky (@bsky.app) 2026-04-16T23:47:25.963Z Who are the Attackers? While Bluesky didn’t want to guess who was behind it, a group of hackers calling themselves the 313 Team or the Islamic Cyber Resistance in Iraq started bragging about it on Telegram. 313 Team’s post on Telegram (source: Heise medien) These attackers have links to Iran and a habit of attacking sites they see as being on the side of the US or Israel. Just a few days later, on 20 April 2026, they also went after mastodon.social. However, the site didn’t suffer as much because its servers are spread out. For context, this group has been very active lately, with its most recent target being Bahrain. Last month, 313 Team launched a similar attack that jammed government websites. While other groups like Handala usually try to steal data, the 313 Team seems more interested in just causing a scene by shutting things down for a few hours to get attention than spying on users. They like to hop from one social network to another, and mostly just post screenshots of the sites they’ve attacked to show off. What about your data? With over 43.7 million users, any cyberattack on Bluesky is likely to raise concerns about the safety of their personal data. But the good news is that because a DDoS attack is just meant to crash the site, not breach into servers, your personal details are safe. Bluesky confirmed this in a post on 18 April, noting that it hasn’t seen “any evidence of unauthorized access to private user data.” The application has remained stable since approximately 9 PM PDT, April 16 despite ongoing Distributed Denial-of-Service (DDoS) attacks.We have not seen any evidence of unauthorized access to private user data.We will provide our next update on or before the morning of April 20.— Bluesky (@bsky.app) 2026-04-17T20:36:31.198Z By 20 April, Bluesky sent a final update saying the app was officially stable again. The application has remained stable since the evening of April 16 and we have seen no evidence of unauthorized access to private user data. Given the ongoing stability, this will be our final update.— Bluesky (@bsky.app) 2026-04-20T17:08:57.065Z However, the attackers repeatedly flooded the servers, but the platform’s cybersecurity team contained the attacks and restored normal service, suggesting the worst has passed. Deeba Ahmed Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage. View Posts 313 TeamBlueskyCyber AttackCyber CrimeCybersecurityDDOSIran Leave a Reply Cancel reply View Comments (0) Related Posts Hacking News Security Trump Hotels’ Booking System Hacked, Credit Card Data Stolen Hackers have targeted 14 Trump Hotels stealing personal and payment card data of customers again. The incident took… byWaqas Security iPhone Scams and Fraud Hacked versions of popular iOS games available on App Store Software pirates are distributing hacked and infected versions of iPhone apps by hijacking Apple’s enterprise developer program. Reportedly,… byWaqas News Hacking News Security OpenSubtitles Hacked- Data Breach Affected 7 Million Subscribers OpenSubtitles has acknowledged the data breach and confirmed that hackers managed to steal and leak email, hashed passwords,… byDeeba Ahmed Cyber Attacks Phishing Scam Newly Found Malware can steal bank details on Android phones ESET security researchers have discovered an Android malware targeting banking customers in Australia — The malware also bypasses… byAli Raza
Indicators of Compromise
- domain — bluesky.app
- domain — mastodon.social