Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
Canonical, the company behind Ubuntu, is experiencing a sustained DDoS attack on its web infrastructure attributed to the pro-Iran hacktivist group 313 Team. Initially framed as a political act, the attack has shifted toward extortion, with the group demanding contact via a provided Session ID. The disruption has prevented users from accessing Ubuntu's main website and key services for over 12 hours, far beyond the initially announced four-hour window.
- ▪Canonical confirmed its web infrastructure is under a sustained, cross-border DDoS attack.
- ▪The pro-Iran hacktivist group 313 Team claimed responsibility and threatened to continue the attack unless contacted.
- ▪Ubuntu.com and many of its subdomains have been down for over 12 hours, disrupting downloads and account access.
- ▪The attack began as a hacktivist action but has evolved into a shakedown attempt, according to communications on Telegram.
- ▪Some Canonical services, including Archive and Discourse pages, remain accessible despite the ongoing disruption.
Opening excerpt (first ~120 words) tap to expand
Cyber-crime Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down 313 Team tells Canonical: pay up or the packets keep coming Connor Jones Fri 1 May 2026 // 11:05 UTC Canonical says its web infrastructure is under attack after a pro-Iran hacktivist group instructed its members to target the open source giant. "I can confirm that Canonical's web infrastructure is under a sustained, cross-border Distributed Denial of Service (DDoS) attack" a Canonical spokesperson told The Register. "Our teams are working to restore full availability to all affected services.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at The Register.
Discussion
0 commentsMore from The Register
