DDoS Attack Disrupts Ubuntu Services, Pro-Iran Group Claims Responsibility

Severity: High (Score: 72.0)

Sources: Techcrunch, Cybersecuritynews, Theregister

Summary

On May 1, 2026, Canonical, the company behind the Ubuntu Linux distribution, reported a sustained Distributed Denial-of-Service (DDoS) attack on its web infrastructure. The attack, attributed to the pro-Iran hacktivist group known as The Islamic Cyber Resistance in Iraq – 313 Team, began on April 30 and has caused significant disruptions, leaving users unable to download updates or access Canonical accounts. The group initially announced that the attack would last four hours, but it has continued for over 20 hours, affecting multiple subdomains of Ubuntu's main website. The attackers have also indicated a shift towards extortion, threatening to continue the assault unless Canonical responds to their demands. The attack is notable for its scale, utilizing DDoS-for-hire services capable of generating traffic exceeding 3.5 Tbps. Canonical is actively working to restore services and has promised updates through official channels.

Key Points

  • Canonical's web services are under a sustained DDoS attack by The Islamic Cyber Resistance in Iraq – 313 Team.
  • The attack has disrupted access to Ubuntu's main website and critical services for over 20 hours.
  • The attackers have shifted from hacktivism to extortion, demanding a response from Canonical.

Key Entities

  • DDoS (attack_type)
  • Bluesky (platform)
  • EBay (platform)
  • Linux (platform)
  • Telegram (platform)
  • Canonical (company)
  • Ubuntu (company)
  • Iran (country)
  • Iraq (country)
  • Japan (country)
  • T1499 - Endpoint Denial of Service (mitre_attack)