Pro-Iran Hacktivists Launch DDoS Attack on Canonical's Ubuntu Infrastructure
Severity: High (Score: 72.0)
Sources: Cybersecuritynews, Theregister
Summary
Canonical's web infrastructure is currently experiencing a sustained Distributed Denial of Service (DDoS) attack initiated by the pro-Iran hacktivist group known as The Islamic Cyber Resistance in Iraq, or 313 Team. The attack began on the evening of April 30, 2026, and has rendered Ubuntu's main website and several subdomains inaccessible, returning 503 errors. Despite Canonical's efforts to restore services, the attack has persisted for over 12 hours. The group has indicated a shift from hacktivism to extortion, threatening to continue the assault unless Canonical responds to their demands communicated via email. Users are unable to download Ubuntu versions or access their Canonical accounts due to the disruption. The motivations behind targeting Canonical remain unclear, although Ubuntu is one of the most popular Linux distributions. 313 Team has a history of similar attacks on other platforms, including eBay and BlueSky, in the past month. Key Points: • Canonical's infrastructure is under a sustained DDoS attack by the 313 Team. • The attack has rendered Ubuntu's main website and subdomains inaccessible for over 12 hours. • The group is shifting towards extortion, threatening to escalate the attack if demands are not met.