Ubuntu's official Twitter account posted a now-deleted tweet promoting a fake AI agent that directed users to a cryptocurrency scam. The incident follows a five-day DDoS attack on Canonical's web services that ended earlier this month.
The tweet, which appeared a few hours before publication on May 7, announced an AI agent named Numbat built on the Solana blockchain. It used Ubuntu branding, including references to the Noble Numbat codename for Ubuntu 24.04, and linked to the site ai-ubuntu.com. The page closely mimicked Canonical's design and prompted visitors to connect a crypto wallet after clicking buttons labeled Check eligibility or Explore Ubuntu AI.
