Ubuntu Hit by Sustained DDoS Attack, 313 Team Demands Ransom #cybersecurity #ubuntu #ddos

Canonical confirmed Ubuntu's web infrastructure has been under a sustained DDoS attack since Thursday evening. The 313 Team claimed responsibility — with an extortion message attached. The 313 Team is an Iran-aligned hacktivist group active since 2023, with previous targets including Kuwaiti and Bahraini government sites, US military pages after the strikes on Iran last summer, and TruthSocial. They claimed responsibility on Telegram, said they're running this attack through a paid DDoS-for-hire service called Beamed, and emailed Canonical a Session contact ID demanding the company reach out to negotiate. The Register described it as a pivot from pure hacktivism toward a shakedown. ubuntu.com, security.ubuntu.com, login.ubuntu.com, the Snap Store, Snapcraft, Launchpad, MAAS, the Livepatch API, and Landscape are all returning 503 errors; APT package mirrors and ISO downloads stayed up. The DDoS started Thursday evening, while patches for the CopyFail Linux kernel vulnerability (CVE-2026-31431) were rolling out across major distros — admins trying to verify Ubuntu Security Notices hit the same 503 wall. Sources: The Register: https://www.theregister.com/2026/05/01/canonical_confirms_ubuntu_infrastructure_under/ Canonical's statement: https://discourse.ubuntu.com/t/update-concerning-ddos-attack-on-canonical-and-ubuntu/81482 TechCrunch: https://techcrunch.com/2026/05/01/ubuntu-services-hit-by-outages-after-ddos-attack/ OMG! Ubuntu: https://www.omgubuntu.co.uk/2026/05/ubuntu-websites-ddos-attack Tom's Hardware: https://www.tomshardware.com/tech-industry/cyber-security/canonical-under-sustained-ddos-attack-as-ubuntu-26-releases-iranian-group-313-team-claims-responsibility More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday.