Canonical says its web infrastructure is under attack after a pro-Iran hacktivist group instructed its members to target the open source giant.

"I can confirm that Canonical's web infrastructure is under a sustained, cross-border Distributed Denial of Service (DDoS) attack" a Canonical spokesperson told The Register. 

"Our teams are working to restore full availability to all affected services. We will provide updates in our official channels as soon as we are able to."

Known best for managing the development of Ubuntu, the distro's main website is down at the time of writing, and has been for several hours.

The hacktivist group The Islamic Cyber ​​Resistance in Iraq, aka 313 Team claimed responsibility for the 503 errors Ubuntu's website was returning on Thursday evening, announcing via its Telegram channel that the attack was scheduled to persist for four hours.

More than 12 hours later, the attack continues to disrupt Ubuntu's main website and many of its subdomains, although some, including its Archive and Discourse pages, remain up and running.

313 Team sent a follow-up message to its Telegram group, directed at Canonical, which indicates the group is veering away from hacktivism and toward full-on extortion: "There is a simple way out. We have emailed you with our Session Contact ID. If you fail to reach out, we will continue our assault. You are in an awful position, don't be foolish."

The service disruption at Ubuntu means users cannot download any versions of its distros through the usual channels, nor can they log into their Canonical accounts.

Canonical promised to provide regular updates when it has new information to share.

313 Team has claimed responsibility for similar DDoS attacks on the likes of eBay's Japan and US divisions, as well as BlueSky in just the past month alone.

Why the group is targeting London-based Canonical remains unclear and no reason was given via its Telegram channel. It is presumably because Ubuntu is one of the most popular Linux distros. ®