Canonical/Ubuntu have been under DDoS
jtlebigot
171 points
55 comments
May 01, 2026
Related Discussions
Found 5 related stories in 86.5ms across 8,303 title embeddings via pgvector HNSW
- Canonical Under Attack ta988 · 59 pts · May 02, 2026 · 73% similar
- Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down ndsipa_pomu · 79 pts · May 01, 2026 · 70% similar
- ubuntu.com is down scoops_ · 12 pts · April 30, 2026 · 65% similar
- Ubuntu servers taken offline by "sustained, cross-border attack" RattlesnakeJake · 114 pts · May 01, 2026 · 63% similar
- Why is Cloudflare protecting the DDoS'er (beamed.st) attacking Ubuntu servers? mystraline · 76 pts · May 05, 2026 · 58% similar
Discussion Highlights (14 comments)
Faaak
Tinfoil hat mode: a competitor wants to exploit copy.fail on some ubuntu servers, and is DDoSing canonical so that they can't update and thus patch the vuln
Wxc2jjJmST9XWWL
Noticed it because snap didn't work, snap has its own status page just fyi: https://status.snapcraft.io/
someperson
I like to imagine it's returning a 500 error response asking you to email rhonda@ubuntu.com
corvad
This seems to be pretty targeted, and with the services affected like livepatch and such this could indeed be an actor DDoSing to avoid patches rolling out for copy.fail
TonyTrapp
While the timing with the copy.fail patches mentioned by a few comments here seems suspicious indeed, I have seen this repeating over the last few weeks: packages.ubuntu.com was hardly reachable on some days, causing apt-get to take forever to update the system. They have been struggling hard recently, it seems. Best of luck to the people having to deal with this mess on a holiday!
jollymonATX
We are so broken as society ddos'n ubuntu is now a thing.
piker
Though this outage may be more related to the copy.fail upgrade cycle, it reminds me of a thought I've had recently in respect of agents. In the UK they have this issue called "TV pickup" ( https://en.wikipedia.org/wiki/TV_pickup ). TV pickup is where everyone in the UK watching a popular TV show gets up to boil a high-powered tea kettle at the same time on an ad break. This causes a temporary surge in electricity demand and leads to real outages. It was a mystery at first but now is accounted for. I suspect the global internet is facing an "agent pickup" problem where significant changes (e.g., releases of new frontier models or new package versions) puts unpredictable pressure on arbitrary infrastructure as millions of distributed agents act to address the change simultaneously.
mayhemducks
Maybe they could use this DDoS attack as their 17th round technical interview. Any candidate who successfully mitigates the attack would then make it to the 18th round. Win win!
sidewndr46
It's almost certainly related to preventing the roll out of copy.fail fixes. Someone held the capability in reserve until they had a good reason to use it.
dang
Related ongoing thread: Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down - https://news.ycombinator.com/item?id=47975729 - May 2026 (59 comments)
SilentM68
Could this DDoS be affecting some components of https://ppa.launchpadcontent.net ? I know they're supposed to be down and up again, but I still get errors when I update Ubuntu :(
bastardoperator
No mitigation can stop Aisuru. Let's hope it's not that because the only end in sight is them getting bored and moving on to the next victim.
Bender
Anyone from Canonical shared any pcaps of the attack yet? Or perhaps a summary of packet types, sizes, payloads, TCP/IP header characteristics? State table statistics?
securicat
Explains why I needed to torrent Ubuntu 26.04 today. Even navigating to the alternative/mirror page to grab the torrent file was painful.