Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
Source: Hacker News
Attack overview
Canonical confirmed that its web infrastructure is under a sustained, cross‑border Distributed Denial of Service (DDoS) attack.
“I can confirm that Canonical’s web infrastructure is under a sustained, cross‑border Distributed Denial of Service (DDoS) attack,” a Canonical spokesperson told The Register.
“Our teams are working to restore full availability to all affected services. We will provide updates in our official channels as soon as we are able to.”
At the time of writing, Ubuntu’s main website remains offline after several hours of downtime.
Group claim
The hacktivist group The Islamic Cyber Resistance in Iraq (also known as 313 Team) claimed responsibility for the 503 errors returned by Ubuntu’s site on Thursday evening. The group announced via its Telegram channel that the attack was scheduled to last four hours. More than 12 hours later the disruption continues, affecting the main site and many subdomains, though the Archive and Discourse pages are still reachable.
A follow‑up Telegram message to Canonical read like an extortion demand:
“There is a simple way out. We have emailed you with our Session Contact ID. If you fail to reach out, we will continue our assault. You are in an awful position, don’t be foolish.”
Impact
- Ubuntu’s main website and numerous subdomains are inaccessible.
- Users cannot download Ubuntu releases through the usual channels.
- Canonical account logins are also affected.
Canonical has pledged to provide regular updates as new information becomes available.
References
- Feds disrupt monster IoT botnets behind record‑breaking DDoS attacks
- Iran’s cyberwar has begun
- Polish cops bust alleged teen DDoS kit sellers – youngest just 12
- DDoS deluge: Brit biz battered as botnet blitzes break records
- Ubuntu service disruption details
- The Islamic Cyber Resistance in Iraq (313 Team) profile