- A sustained DDoS attack disrupted Ubuntu installations, updates and Canonical’s web infrastructure
- The outage lasted almost a full day, affecting security APIs and multiple websites
- An Iraqi hacktivist group claimed responsibility, using a booter service to launch the attack
Users are reporting that they are unable to install or update Ubuntu following a Distributed Denial of Service (DDoS) attack by Iraqi hacktivists, in which Canonical, the company behind the popular Linux distribution, was also hit.
“Canonical’s web infrastructure is under an ongoing, cross-border attack and we are working to resolve it. We will provide more information in our official channels as soon as we are able to,” the company said at the time.
Discussing the attack on unofficial Ubuntu forums, community members confirmed that the distro’s security API was affected, as well as several websites. Updates and system installations were also not available at that time.
The article continues below
Islamic Cyber Resistance in Iraq 313 Team
The attack was claimed by a group calling itself The Islamic Cyber Resistance in Iraq 313 Team. In a Telegram channel, the group reportedly said it used a DDoS-as-a-Service tool called Beamed to launch the attack.
Beamed is a booter (or stresser), a tool that allows users to “stress test” their website by paying for a DDoS attack. The service claims to be able to launch a 3.5 Tbps attack, half the power needed to deliver a record-breaking attack.
A DDoS occurs when hundreds of thousands of Internet-connected devices attempt to communicate with a single server, overloading it, forcing it to crash, and thus denying legitimate traffic any access. In order to create a DDoS service, the threat actors must gain control of these endpoints, which is usually done through malware. Using automated scripts and bots, the threat actors can look for vulnerabilities or weak login credentials and use the access to deploy different variants of malware.
Then they can operate the instances through a unified dashboard. This access is then sold on the black market for a monthly fee. This fee can be anywhere from $10 for low-cost services to $500 per month for sustained high-powered attacks.
Via TechCrunch
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
