Ubuntu still under DDoS attack.

AndrewF · ‎05-09-2026

Over the past couple of weeks, Canonical, the company that runs Ubuntu Linux, has been dealing with a distributed denial of service attack against their infrastructure, which includes the update servers and mirrors.

Briefly, the ubuntu.com domain was vandalized with a message from an Islamic Jihad group taking credit for the attack.

Over the following days/weeks, Canonical/Ubuntu made little or no statements about the ordeal, leaving the media and users to figure out what was happening by themselves. Since the servers that are under attack include security updates, those have been spotty too.

At some point, Canonical's X/Twitter accounts were also hacked and vandalized.

Eventually they got most of their websites back up and running, although they are now blocking everyone who uses a VPN or a Tor Exit Node.

This is a problem because people who are always on a VPN, now have to get off the VPN to check for updates. The OS can neither check nor offer security updates, in fact, you can't even install software from the APT repositories, or Snap (although Flatpak isn't affected because Flathub is not operated by Canonical).

At some point they seem to have resorted to fudging their infrastructure status, putting "green" on servers which are not actually accessible.

The whole thing has been a big mess. While I generally like Kubuntu 26.04 LTS, I may have to find another distribution that can actually handle a denial of service attack. Although I admit I have not been this amused with one since Steve Gibson the "security expert" was DDoSed by a 13 year old child in the late 90s and then actually decided to blog about it.

He was the one that made the big stink about how the world would end because Windows XP had TCP Raw Socket support, and got Microsoft to vandalize their own TCP/IP implementation in Windows XP SP2, even though 3 years had gone by without any issues related to raw socket support.

While they were in there, they decided to also set a very low limit for TCP Half-Open Connections.

I think this all had less to do with Security, and more to do with Microsoft realizing it wasn't TERRIBLY difficult to roll out Apache Server on Windows XP Home Edition and not pay extra for Windows Server.

FicoMike0 · ‎05-09-2026

That's a shame, canonical has done some great work.

I was a big fan of knoppix for years, until updates stopped. I frequently use fedora scientific now, it has tools like maxima preinstalked.

I also like mint, which is ubunta based.

crystal626 · ‎05-09-2026

I just installed Ubuntu 26.04. Downloaded it over a Proton VPN proxy, installed it, updated it while connected to Proton VPN. Updates are working fine. Seems like whatever mitigation they did as far as VPNs are concerned is done with or Proton just cycles IPs enough that it doesn't affect them.

5/16/2026

EX8 760
EQ8 787
TU8 782

19 cards TCL $235,250 ACL $12,382

AndrewF · ‎05-09-2026

@crystal626 wrote:
I just installed Ubuntu 26.04. Downloaded it over a Proton VPN proxy, installed it, updated it while connected to Proton VPN. Updates are working fine. Seems like whatever mitigation they did as far as VPNs are concerned is done with or Proton just cycles IPs enough that it doesn't affect them.

It's still messed up with Mullvad and I've also heard someone on Reddit say they were having issues while on NordVPN.

It's possible that the attackers were just cycling through VPNs and didn't happen to use Proton.

If this is still a problem in two months when my Mullvad runs out, I may switch to Proton.

iced · ‎05-10-2026

One of my biggest pet peeves about security breaches and DDoS incidents is the non-cybersecurity community's understanding of cybersecurity. The reality is that the overwhelming majority of bad guys (the "hackers") are nothing more than script kiddies with an unlimited amount of free time on their hands, and no amount of diligence or skill on the part of security experts and enterprise infosec teams can protect an imperfect environment forever against an attacker with unlimited time.