Ubuntu and Canonical's online infrastructure has been completely offline for over 24 hours following a sustained distributed denial-of-service (DDoS) attack that began on Thursday morning. The prolonged outage has left the Linux distribution provider unable to communicate effectively with users during a critical security incident, preventing access to most official websites and direct server updates.
According to Canonical's status page, the company's web infrastructure is experiencing a "sustained, cross-border attack" that they are actively working to address. However, beyond this brief statement, Ubuntu and Canonical officials have remained largely silent since the disruption began. Whilst direct downloads from Ubuntu servers have been unavailable, users can still obtain updates through mirror sites, which continue to function normally.
A group claiming affiliation with the Iranian government has taken responsibility for the attack via posts on Telegram and other social media platforms. The attackers allegedly used Beam, a DDoS-for-hire service that markets itself as a server stress-testing tool but operates as a front for paid attacks against third-party websites. This same group has recently claimed credit for similar attacks on other major platforms, including eBay.
The timing of this outage is particularly problematic, as it occurred just hours after security researchers publicly released exploit code for a critical vulnerability affecting virtually all Linux distributions, including Ubuntu. This flaw allows untrusted users in data centres, universities, and other shared environments to gain root-level control over affected servers. The infrastructure collapse has severely hampered Ubuntu's ability to disseminate crucial security guidance to its user base during this vulnerable period.
Affected services include security.ubuntu.com, canonical.com, ubuntu.com, archive.ubuntu.com, and numerous other essential domains, according to moderators on AskUbuntu.com. The extended duration of the outage has raised questions about the company's DDoS mitigation strategies, particularly given the availability of numerous protection services, including free options. So-called "stressor" or "booter" sites offering DDoS-as-a-service have plagued the internet for decades, and despite law enforcement efforts across multiple countries, attempts to eliminate these services have proven largely unsuccessful.
Fuente Original: https://arstechnica.com/security/2026/05/ubuntu-infrastructure-has-been-down-for-more-than-a-day/
Artículos relacionados de LaRebelión:
- CPUID Supply Chain Attack Delivers Trojanised Software
- CanisterWorm Attack Spreads Across 47 npm Packages
- Asian Infrastructure Faces Web Server and Mimikatz Attacks
- Open VSX Attack Dev Account Compromised GlassWorm Spread
- Reprompt Attack Explotando Copilot con Spear Phishing
Artículo generado mediante LaRebelionBOT
No hay comentarios:
Publicar un comentario