Hacktivists have taken responsibility for bringing down the public-facing infrastructure of the popular Linux operating system distribution Ubuntu, along with Canonical, the company responsible for its development and maintenance. The attack started on Thursday, impacting services critical to Ubuntu users.
“Canonical’s web infrastructure is under a sustained, cross-border attack and we are working to address it. We will provide more information in our official channels as soon as we are able to,” the company stated on its website.
The attack is believed to be a distributed denial-of-service, or DDoS, where the target is flooded with junk traffic until it crashes.
Ubuntu developers have been discussing the attack on an unofficial Ubuntu community forum, noting that it affects Ubuntu’s security API and several Canonical websites. A post on a threat intelligence forum suggested the DDoS attack has prevented users from updating and installing Ubuntu. TechCrunch confirmed updates failed on a test device running Ubuntu.
As of now, the outage has lasted around 20 hours. Canonical did not respond to a request for comment.
Hacktivists identifying as The Islamic Cyber Resistance in Iraq 313 Team claimed responsibility for the DDoS attack on their Telegram channel.
The hackers reported using Beamed, a DDoS-for-hire service. Such services, also known as booters or stressers, allow individuals to launch DDoS attacks without technical skills or the necessary infrastructure to generate bogus traffic. This service claims to launch attacks exceeding 3.5 Tbps, about half of a cyberattack bandwidth that Cloudflare named the “largest DDoS attack ever recorded” last year.
Authorities like the FBI and Europol have long been tackling these services, taking down and seizing domains, and occasionally arresting those responsible.
For years, authorities such as the FBI and Europol have played a game of whack-a-mole against these services, taking down and seizing domains, and sometimes arresting the people behind them.