Ubuntu servers taken offline by 'sustained, cross-border attack'

Source: Hacker News

Affected URLs

According to a moderator on AskUbuntu.com, the following Ubuntu‑related URLs remained unavailable:

• security.ubuntu.com
• jaas.ai
• archive.ubuntu.com
• canonical.com
• maas.io
• blog.ubuntu.com
• developer.ubuntu.com
• Ubuntu Security API – CVEs
• Ubuntu Security API – Notices
• academy.canonical.com
• ubuntu.com
• portal.canonical.com
• assets.ubuntu.com

Incident Overview

Ubuntu and Canonical infrastructure went down hours after researchers released exploit code that allowed untrusted users in data centers, university settings, and elsewhere to obtain full root control of servers running virtually all Linux distributions, including Ubuntu.

The outage limited Ubuntu’s ability to publish security guidance to affected users. Updates, however, remained available from mirror sites.

Background on Stressor (Booter) Sites

Stressor sites—also known as booter or DDoS‑as‑a‑service platforms—have been operating for decades. They have repeatedly drawn law‑enforcement attention in multiple countries, yet comprehensive shutdowns have not succeeded. See an overview of their history on Ars Technica.

Current Status

It remains unclear why the Ubuntu infrastructure has stayed offline for an extended period, especially given the availability of numerous DDoS‑protection services, some of which are free.