Some Ubuntu services are still down following outages after DDoS attack

News
By published

An Iraqi hacktivist group is claiming responsibility

Ubuntu 26.04 LTS
(Image credit: Ubuntu user @ndoki)
  • A sustained DDoS attack disrupted Ubuntu installs, updates, and Canonical’s web infrastructure
  • The outage lasted nearly a full day, affecting security APIs and multiple websites
  • An Iraqi hacktivist group claimed responsibility, using a booter service to launch the attack

Users are reporting being unable to install or update Ubuntu following a Distributed Denial of Service (DDoS) attack by Iraqi hacktivists, with Canonical, the company behind the popular Linux distribution, was also struck.

“Canonical’s web infrastructure is under a sustained, cross-border attack and we are working to address it. We will provide more information in our official channels as soon as we are able to,” the company said at the time.

Discussing the attack on unofficial Ubuntu forums, community members confirmed that the distro’s security API was affected, as well as multiple websites. Updates and system installs were also unavailable at the time.

Article continues below

Islamic Cyber Resistance in Iraq 313 Team

The attack was claimed by a group calling itself The Islamic Cyber Resistance in Iraq 313 Team. In a Telegram channel, the group allegedly said it used a DDoS-as-a-Service tool called Beamed to launch the attack.

Beamed is a booter (or stresser), a tool that allows users to “stress test” their website by paying for a DDoS attack. The service claims to be able to launch a 3.5 Tbps attack, half the power needed to deliver a record-breaking attack.

A DDoS happens when hundreds of thousands of internet-connected devices try to communicate with a single server, overloading it, forcing it to crash, and thus denying legitimate traffic any access. To create a DDoS service, the threat actors must gain control over these endpoints, which is usually done through malware. Using automated scripts and bots, the threat actors can look for vulnerabilities or weak login credentials and use the access to deploy different variants of malware.

After that, they can operate the instances through a unified dashboard. This access is then sold on the black market for a monthly fee. That fee can be anything from $10 for cheap services, to $500 a month for sustained, high-power attacks.

Via TechCrunch

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.