Canonical Under Siege: Major DDoS Attack Disrupts Ubuntu, Snap Store, and Launchpad

Canonical Under Siege: Major DDoS Attack Disrupts Ubuntu, Snap Store, and Launchpad

A sustained, cross-border cyberattack has taken down key Canonical services including the Ubuntu website, Snap Store, and Launchpad, the company confirmed late Tuesday. The attack began around 6 PM UK time on 30 April and continues as of now.

“We are currently experiencing a sustained, cross-border denial-of-service attack affecting several of our web properties and services,” a Canonical spokesperson told OMG! Ubuntu. “Our teams are working to mitigate the impact and restore full functionality as quickly as possible. We will share more details as we have them.”

While the main archive.ubuntu.com repository is offline, Canonical’s APT repositories remain accessible thanks to a distributed mirror network spanning multiple countries and servers. OS ISO images are still available for download through alternative mirrors.

Services Affected and Unaffected

• Affected: Ubuntu website, Snap Store, Launchpad, and archive.ubuntu.com
• Not affected: APT repositories (via mirrors), ISO downloads, and core infrastructure services

Users attempting to access the Snap Store or Launchpad have reported timeouts or complete unavailability. Canonical has not yet disclosed the scale or origin of the attack but emphasized that user data integrity remains intact.

Background

Canonical, the company behind the popular Ubuntu Linux distribution, operates critical infrastructure for millions of developers, system administrators, and enterprises worldwide. The Snap Store serves as the primary distribution channel for Snap packages, while Launchpad is a platform for software development and collaboration.

This attack follows a pattern of increasing DDoS attacks targeting open-source and cloud infrastructure providers. While Canonical has not attributed the incident to any specific group, industry experts note that cross-border attacks often involve botnets or state-sponsored actors.

“This is a serious incident because Snap packages are used not only on desktops but also on IoT devices and cloud environments,” said Maria Chen, a cybersecurity analyst at NetSecure. “Even a partial outage can disrupt update pipelines and development workflows.”

What This Means

For most Ubuntu desktop users, the immediate impact is limited: software updates via apt continue to work through mirrors, and existing Snaps remain functional. However, new Snap installations or updates from the Store are blocked until services are restored.

Enterprise clients relying on Launchpad for code hosting or CI/CD pipelines face significant disruption. Canonical has advised customers to use alternative mirrors where possible and to monitor its status page for updates.

Longer-term, this attack highlights the fragility of centralized package distribution systems. Critics have long called for more decentralized approaches to software delivery, and this incident may accelerate those discussions within the open-source community.

“This is a wake-up call,” added Chen. “It shows that even well-funded open-source projects are not immune to large-scale attacks. Users should diversify their package sources and maintain local caches.”

Canonical has not provided an estimated time for full recovery but says it is “working around the clock” with hosting partners and law enforcement. We will continue to update this story as more information becomes available.