- A sustained DDoS attack disrupted Ubuntu installations and updates and Canonical’s web infrastructure
- The outage lasted almost a full day and affected security APIs and several websites.
- An Iraqi hacktivist group claimed responsibility and used a bootstrap service to launch the attack.
Users report being unable to install or update Ubuntu following a distributed denial of service (DDoS) attack by Iraqi hacktivists, and Canonical, the company behind the popular Linux distribution, was also attacked.
“Canonical’s web infrastructure is under sustained cross-border attack and we are working to address it. We will provide more information on our official channels as soon as we can,” the company said at the time.
Discussing the attack on unofficial Ubuntu forums, community members confirmed that the distribution’s security API was affected, as well as several websites. System updates and installations were also not available at that time.
Article continues below.
Islamic Cyber Resistance Team 313 in Iraq
The attack was claimed by a group calling itself the Islamic Cyber Resistance Team 313 in Iraq. In a Telegram channel, the group reportedly said it used a DDoS-as-a-service tool called Beamed to launch the attack.
Beamed is a booter (or stressor), a tool that allows users to “stress test” their website by paying for a DDoS attack. The service claims to be able to launch a 3.5 Tbps attack, half the power needed to carry out a record-breaking attack.
A DDoS occurs when hundreds of thousands of Internet-connected devices attempt to communicate with a single server, overloading it, forcing it to fail, and therefore denying any access to legitimate traffic. To create a DDoS service, threat actors must gain control over these endpoints, which is typically done using malware. Using bots and automated scripts, threat actors can search for vulnerabilities or weak login credentials and use the access to deploy different malware variants.
After that, they can operate the instances through a unified dashboard. This access is then sold on the black market for a monthly fee. That fee can be anywhere from $10 for cheap services to $500 a month for sustained, high-powered attacks.
Through TechCrunch
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
