Reddit’s involvement – whether good or bad – in the hunt for leads in the Boston bombings case does not appear to be the reason for ongoing site outages. For those who can access the service today, a banner is informing visitors that “site availability continues to be impacted by a malicious DDoS attack.”
The company announced that it was experiencing a DDoS early this morning, later confirming that the attack was indeed malicious – meaning, not a result of an influx of organic traffic to the site from those who had come to peruse the many high-profile threads discussing the suspects in the Boston bombings case.
As morning drifts into the afternoon, the Reddit DDoS now continues, though the company reports that it has mitigated part of the DDoS at this time. However, certain site functions will be disabled until Reddit has fully recovered, the official Reddit Status account informs users.
Naturally, there are now several Reddit posts regarding the DDoS with more information. Reddit admin/moderator “alienth” (aka Reddit Systems Admin Jason Harvey) posts that the site has not seen attacks at this scale before, and that the traffic levels are much higher than what the heavily visited Boston thread generated. “Orders of magnitude more. Also very obviously fake URLs were being slammed,” he noted in a post, sharing this image (see below) of the DDoS on Reddit’s backend systems.
The graph represents the requests that made it to Reddit’s secondary load balancing server. “What we’re facing is orders of magnitude larger than what natural traffic looks like,” he explains in his post.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss the 20th anniversary of TechCrunch, and a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
Harvey also says that the site is being aided by Akamai, its CDN, in helping to mitigate the attack.
For those of you who don’t understand hacking and DDoS attacks, one Redditor in the thread posted a link to this. We think it helps explain:
[youtube http://www.youtube.com/watch?v=W5fM6WpC_nE?feature=player_detailpage&w=640&h=360]
More to come.
Update: Though the Reddit Twitter account has not posted an update, the site is no longer showing the warning banner – and it appears to be functional.
