Home / Technology / Ubuntu Under Siege: Cyber Attack Cripples Websites
Ubuntu Under Siege: Cyber Attack Cripples Websites
2 May
Summary
- Ubuntu's web infrastructure is experiencing a sustained, cross-border DDoS attack.
- An Iranian-linked hacking group claims responsibility for the ongoing assault.
- The attack coincides with the disclosure of a critical Linux vulnerability.
Canonical, the developer behind the Linux distribution Ubuntu, confirmed on Friday that its web infrastructure is under a significant, ongoing DDoS attack. The assault began on Thursday, overwhelming servers and causing disruptions to Canonical's main website and the Ubuntu.com domain. Access to related pages has been intermittent.
A hacking group known as the Islamic Cyber Resistance in Iraq, or the 313 Team, has claimed responsibility for the cyberattack via Telegram. This group has issued an extortion demand, offering a ceasefire in exchange for communication. They also claim to be utilizing a new DDoS-for-hire service, Beamed, targeting multiple Ubuntu-related domains.
The timing of this attack is particularly inconvenient as Canonical recently issued an advisory regarding a critical Linux flaw dubbed "Copyfail." This vulnerability, disclosed on Thursday, allows local users to gain root privileges on affected Linux-based operating systems, which include all distributions released since 2017. Mitigation advisories have been difficult to access due to the ongoing DDoS.
The cyberattack occurs amid heightened tensions between the US and Iran, which has seen an increase in Iranian-linked hacking activities. While the direct ties of the 313 Team to the Iranian government are unclear, the group has expressed anti-Israel and anti-US sentiments. The 313 Team has also claimed responsibility for recent DDoS attacks on eBay and Bluesky.
