Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
Comments
ChrisArchitect
nubinetwork
That says resolved, but I had a hell of a time trying to run apt update still...
Lambdanaut
Does anyone know why Ubuntu would be targeted by pro-Iranian activists? I'm perplexed by the connection.
culi
Canonical partners with organizations like the U.S. Air Force (USAF) and Platform One to provide secure software and AI/ML capabilities. They have an entire DOD team.
leereeves
I can't find much info about that (especially with their website down). Is Canonical's work with the DOD more like Raytheon or Pizza Hut?
Raytheon: providing products specifically for the DOD
Pizza Hut: selling their usual product to the DOD
culi
Pizza Hut does not have a permanent DoD team. Canonical has actual contracts. You'll have to wait till their site is back up to read about it
https://canonical.com/blog/meet-the-canonical-federal-and-do...
leereeves
Pizza Hut has plenty of locations on military bases, each with a team dedicated to selling their product to the military.
culi
I see your point. To answer your original question, yes Canonical's military relationship is fundamentally different from Pizza Hut. More comparable to something like Palantir that sells SaaS or IaaS
leereeves
So more like Google, Microsoft, Amazon, Salesforce, and most big tech companies than either Pizza Hut or Raytheon? Perhaps most like Red Hat (who also sell to the DoD)?
I think it would be unusual to call them all military contractors (as you called Canonical in another comment).
input_sh
An actual answer because all you've received so far is complete nonsense: because they want press attention as they're using these attacks to advertise their DDoS-as-a-Service tool. Literally every single statement they release (on Telegram) includes text saying that their attacks are "100% powered by $websiteEndingWithDotSu".
They also attacked the likes of Vrbo, Expedia and eBay, but they get more press by targeting Mastodon, Bluesky, Ubuntu and the likes, so they go after those now. People are desperately trying to somehow tie those victims to some ideological nonsense, but it's just advertising.
everdrive
Almost certainly a target of opportunity. The UK has really made a point of staying out of this fight, but is also seen as a close ally of the US. Perhaps the calculus is:
- Iran was able to attack Ubuntu.com
- Iran sees it in its interests to stress the UK / US relationship (albeit in a small way)
ifwinterco
UK has been trying to thread the needle of staying out of what is obviously a complete cluster** of a war while also not annoying the US too much, but US bombers are taking off from air force bases in the UK to bomb Iran all the time.
Because of that and the general ingrained hostility of the permanent UK security state to Iran, they view us as a legitimate target albeit not a particularly important one because we’re just not that powerful anymore
PearlRiver
Yeah when Americans talk about how bad a deal NATO is they always conveniently forget the military bases. Most of their wars tend to involve Ramstein for example.
ifwinterco
Yep, also in my experience for some reason British people have a hard time understanding why this might be considered hostile from the people being bombed from our soil.
Even when given the example of roles reversed and asked how they would feel about France or Ireland if Russia had air bases in those countries they were using to bomb London, people just can’t see the issue.
In a sense we’re still under American occupation 80 years later, not just physically but more importantly in our minds
geerlingguy
Why would Ubuntu problems cause stress in the US/UK relationship?
CamouflagedKiwi
I suppose the idea was that Canonical is a UK-based company and they're being threatened by the US's enemy.
Having said that, I really can't believe that either Trump or Starmer will give a shit about this, especially given the recent friction in that relationship.
spwa4
Perhaps it's just that Iran believes it's only chance for victory is maximum public attention, and they don't have any real hacker know-how. So they pick a soft but well known target.
It's what they do to students inside Iran.
b00ty4breakfast
It's a well(ish) known org with well known product, and they seem to have been vulnerable. If they had attacked a deli in Newark, would we be having this conversation?
culi
Canonical literally has a DOD team. They are a military contractor
theultdev
Terrorists will generally target anything of opportunity.
It was also perplexing when Iran was shooting missiles at their allies, until you realize they aren't rational humans.
swat535
Which allies are you talking about? Gulf nations with US bases actively being used to kill their children?
sophrosyne42
You say "actively" as if it wasn'y a one-off event... maybe because Iran is forcing children to sit at IRGC checkpoints or other military targets?
None of the gulf countries allowed offensive US strikes to occur from their territory. Its all used to defend against attacks from Iran trying to kill Gulf country children.
dmix
> None of the gulf countries allowed offensive US strikes to occur from their territory.
Saudi Arabia did after Iran bombed their residential buildings and civilian airports.
UAE doesn't have any US bases but they got hit anyway.
sofixa
> maybe because Iran is forcing children to sit at IRGC checkpoints or other military targets?
The school that the US hit on the first day of the war had been a school, visibly and physically separated from the military base next to it: https://giftarticle.ft.com/giftarticle/actions/redeem/a43bac...
AlecSchueler
> they aren't rational humans.
Would you be able to point to any rational humans?
_DeadFred_
Maybe ones who don't follow supreme religious leaders that called for the gunning down of 3000 men, women, and children in the streets. And then approve beatings/the murder of doctors that treated them.
Imagine that being your moral leadership. And 3000 is the official Iranian number. Some claim as high as 30,000. Those religious leaders are calling for more murder/death in todays Friday prayers. I don't know how anyone who calls for (or especially signs off on in a religious theocracy) murder can be called spiritual leaders or anyone could follow their 'teachings' .
Edit: Just highlighting the horrors/behaviors you are normalizing/waive away as 'shared by everyone' with your statement 'but what humans aren't like this'.
AlecSchueler
> Maybe ones who ...
Ok but could you point to anyone or any people and tell me that they're rational? I didn't just ask for a possible condition of rationality and "maybe" feels like a very flimsy foundation for the acidity of what you're saying.
lossolo
I think you're conflating "rational" with "moral". The question was about rationality, and from their POV (given the goal of keeping the regime going) everything was rational.
spwa4
They have always done the same. Just attack everyone and then get the win by getting others to fight for them. Get the maximum reaction through PR/propaganda. It's how they came to power in the first place. It's how they got a massive leftist uprising to unseat the previous government.
Before and during 1979. They'd attack the security forces, deny their involvement and then blame the government for the response, which then was supposedly an attack (e.g. Khomeini would send armed men into protests then put out propaganda that security forces "fired at protestors"). Or argue that the response to their attack was disproportionate. Or argue that his forces "don't have any choice but to" ... etc. This has been the way their proxy forces fight (hamas, houthi's, hezbollah). Control and punish people who detail what their side does (they massacred their own soldiers and their own allies, not just once. This is why people argue they're not leftists: they massacred the leftist factions that helped them unseat the Shah government)
They never explain their own actions. If anything, they put them forth as rational. But more likely you'll never hear about them. Such as killing 30000 people in January when their propaganda efforts totally failed. That's what happened: due to devaluation a number of traders in the "Tehran Bazaar" (a set of streets with lots of stands) very publicly, including to tourists, complained that the government made their lives impossible through economic mismanagement.
They locked off the streets and started going through, killing everybody they possibly could, "clearing" the market as they called it. Men, women, a few children who were sent to buy bread for their families. A few hundred dead. (yes, the way the Iranian government fights has more than a few parallels to what the Nazi's did)
This then set off the large scale protests everywhere in Iran.
Btw: the Iranian tactics are obviously working to some extent. Hence it's probably rational to do this because
_DeadFred_
'gunning down 3,000 to 30,000 of your country's men, women, and children in the streets because they don't feel one gender should be forced to wear hats upon pain of abuse/rape/death is completely rational'
skeledrew
> until you realize they aren't rational humans
How did you get to that realization?
mrala
> It was also perplexing when Iran was shooting missiles at their allies, until you realize they aren't rational humans.
Ah yes, the classic “my enemies are ontologically evil” gambit.
CamperBob2
I'm not sure dismissing the people who invented the term "checkmate" as a bunch of irrational terrorists really works. They stared down Saddam Hussein, so how hard can it be to stare down Donald Trump?
Bombing Iran is like nuking an asteroid. Now, instead of one giant asteroid on a collision course with Earth, there are a half-dozen medium-sized radioactive asteroids on a collision course with Earth.
dirasieb
was iran a muslim theocracy when they invented the word “checkmate”?
congrats on the glorious past or whatever, in the actual present iran is a failed state ran and supported by loons
phs318u
Similar arguments could be made about the US republic. The land of Washington, Jefferson, Franklin and Lincoln, now also speed running its way to failed state status and being run and supported by loons.
DetroitThrow
They work with US military.
ranger_danger
313 Team claims their attack is vengeance for killing Khamenei.
_DeadFred_
Iran is targeting random ships crewed by third world/unaligned national crews in the straight. Iran's goal is do whatever it takes to put pressure. They are willingly threatening the food supply of large unaligned parts of the world because it gives them leverage/puts on pressure.
Iran's proxies murdered random grandmothers on Oct 7th and uploaded the video to the internet to get a message across in order to promote their agenda. Why would a random tech company be odd from people funding the murderer of grandmas and their entire families in their homes execution style?
The UK called in the ambassador from Iran this week because they were calling for Iranian expats in the UK to give up their lives for Iran (followed the next day by attacks on jews in the UK).
at-fates-hands
Canonical is a UK company, so its a symbolic attack against a Western agent. Ubuntu is used by a lot of tech companies so they knew this attack would get a lot of visibility in the tech community. I'm assuming they think this will garner support from the tech community as well.
shaftoe
Exactly as described in "how to win friends and influence people". Break their stuff and extort money.
thewebguyd
> I'm assuming they think this will garner support from the tech community as well.
I don't understand their thinking if this is the case. DDoSing widely used project is going to turn people against you, not generate support.
Gualdrapo
Still it feels quite odd that from all western tech companies (and several more influential than Canonical) they chose precisely one that is highly involved with open source
culi
All these comments saying it's just a salient target are making it up. Canonical is a military contractor. They literally have an entire DoD team. That's why they're being targeted. They're far from the only military contractor to be targeted by Iranian hackers this year
peyton
Is this written down anywhere? All I can find is an announcement from the group and a follow-up message threatening Canonical if they do not negotiate.
What does a DDoS accomplish if the contracts are signed and a team embedded?
Why take down security.ubuntu.com? Surely even cyber jihadis need security updates?
alephnerd
Welcome to war. This was why the Qatar attack was so destabilizing.
Iran's position is that any organization that is in any shape or form aligned with the US and West is a target.
And being an anti-war westerner won't help you. People are forgetting that the Iranian government detests Israel and the entirety of the West.
The core principals of the revolution which is the IRGC's entire ideological basis is reversing westoxification (Gharbzadegi) and returning to the norms of the Imam Husayn (Velayat-e Faghih).
leereeves
Judging from their behavior against their own people and their Islamic neighbors, it seems like the IRGC's hatred isn't limited to the West.
alephnerd
The whole point of the Islamic Revolution was to export it.
Khomeinei preached that Shia and Sunni is an arbitrary divide and that the ummah needed to be unified and guided by clerics (who just so happened to be Shia) and to purge decadent Western culture back to an idealized norm of the Imam Husayn.
In action, it meant funding insurgencies and revolutionary corps out of a mix of idealism and raw power projection, and those organs used to protect the revolution ended up taking over the entire state and economy for their own economic benefit.
Imagine if the Red Guard and the Gang of Four weren't purged in China in 1976 and the footsoldiers of the Red Guard became actual leaders - that is what Iran is today.
And like China under Mao during the Cultural Revolution, it alienated all of it's neighbors.
Westerners who dislike Israel or even the US think Iran would ally with them, but the entire regime views Westerners irrespective of political leaning with disdain. An undercurrent of the Iranian revolution was also Iranian nationalism and the view that Iran is a civilization state, and that the west and westerners are culture-less, decadent, loose, and immoral and that the entirety of western culture needs to be burnt to the ground (Gharbzadegi).
anotherviewhere
You should have seen so many lies about Iran by now to justify the neocolonial war against them: so why do you assume every time some newly reported "fact" about them to be true? Rather, you should assume the opposite.
throwuxiytayq
There is such a thing as being too open-minded to form an accurate perception of reality.
b00ty4breakfast
I think the saying is "so open-minded your brain fell out"
dirasieb
sometimes they don’t even have a brain to begin with
turdistheword
[dead]
Havoc
Sounds like they're picking on easy targets rather than relevant ones. Lame.
overtone1000
313 Team runs arch btw
kps
I'd have guessed Mint.
cineticdaffodil
Its so weird to have this stone age regime have such modern attack vectors, i guess the survival hunger games of rhe sanctions tought them this lesson.
Animats
Ubuntu.com seems to be fine right now. A bit slow, maybe. Ubuntu 26.04.LTS is out.
ramon156
Been down most of the day for me, as well as a bunch of related domains. Canonical's status page has them linked
CamouflagedKiwi
Not for me, I'm not getting any response from it.
z500
Loads for me, but not particularly quickly
sureste
It's loading, but very slowly.
dotancohen
That's just because everybody is checking if it is down.
I bet a fair number of websites would collapse under the curiosity load if it were published in major news outlets they they were down. When was the last time you went to nissan.com? But you'd probably go check if you heard it was down.
SoftTalker
Not loading for me right now.
_DeadFred_
dead here
54lasgf
This is really a weird target, as the article notes. Bluesky and Mastodon (?!) also had alleged attacks.
The companies that fund Trump's ballroom might like these targets.
gpm
Bluesky and mastodon both strike me as easy targets, they expose protocol level integration points that are probably reasonably expensive to serve and reasonably difficult to detect malicious actors on and/or throttle without significantly degrading the service.
I could see low budget attackers deciding that they were the most (not very much) bang for the (also not very much) buck that they could get...
Ubuntu.com doesn't fit that narrative though. I would have thought canonical would have the servers and skill to weather quite a large attack (on the other hand it did go down...)
jcgrillo
just now:
$ snap refresh
error: unable to contact snap storewing-_-nuts
Tangent, but I hate snap with the fury of a thousand suns. That single handedly pushed me to pop, then mint.
newsoftheday
Same, I use Kubuntu but yeah, I do keep snap disabled. Tried it several years ago, can't stand it. I do like Canonical and Ubuntu for servers and of course, Kubuntu for all our home machines, wife loves it too.
jcgrillo
Yeah it isn't great. I have stuck with Ubuntu because I have some peculiar hardware which is well supported. I have learned to live with it.
CivBase
> Why the group is targeting London-based Canonical remains unclear and no reason was given via its Telegram channel. It is presumably because Ubuntu is one of the most popular Linux distros.
Okay... so? I do not understand the connection between Linux and the US/Israel. You'd think Iran would be very pro-Linux since Windows is a very obvious liability for them.
Is there any reason to believe this attack even has anything to do with Iran? They could simply want money and they just happen to also be pro-Iran.
tempaccount5050
Maybe they're still mad about systemd.
loloquwowndueo
Systemd was NOT Canonical’s “fault”. They pushed upstart until Debian chose systemd, at that point it made no sense to resist assimilation like all other distros.
culi
It's not Linux, it's Ubuntu. Which is developed by Canonical. Which is a military contractor that has a permanent DoD team and works with the USAF. Which is bombing their country.
alephnerd
> I do not understand the connection between Linux and the US/Israel. You'd think Iran would be very pro-Linux since Windows is a very obvious liability for them
Canonical is a British company and the employees are westerners. That makes them targets in the eyes of Iran.
People are forgetting that the Iranian government detests Israel and the entirety of the West. The core principal of the revolution is reversing westoxification (Gharbzadegi) and returning to the norms of the Imam Husayn (Velayat-e Faghih). That's the whole crux of the Islamic Revolution and why the Islamic Revolutionary Guard Corp (IRGC) exists.
Open source and anti-war westerners are viewed opportunistically but with disdain.
aksss
Classic Scorpion and the Frog tale, or the older Farmer and the Snake. https://read.gov/aesop/094.html
aaron695
[dead]
Related:
Canonical/Ubuntu have been under DDoS for more than 15h
https://news.ycombinator.com/item?id=47972213