Github Hit by Massive DDoS Attack from China - BestCyberNews: Online News Presenter in the present world

BestCyberNews: Online News Presenter in the present world

Start knowing

test banner


Github Hit by Massive DDoS Attack from China

Github is a popular coding website used by programmers to collaborate on software development it was hit by massive denial of service attack.

It is it pissed off the wrong pro-censorship group: The attack is aimed at two popular Github projects, Great Fire and CN-NY Times, that help Chinese citizens get around their government's restrictive online censors to access blocked content.

The attack was originated from MITM-modified JavaScript files for the Chinese company Baidu's user tracking code, changing the unencrypted content as it passed through the great firewall of China to request the URLs and
 Baidu serves ads and other bits of code to websites all over the world. But when people outside China access a site that's serving Baidu's code, they get a special malware injection. 

It appears that people with access to the traffic on the border of China's internet often called the Great Firewall of China injected a malicious script into the HTTP connections of these visitors. The script directs web traffic back to Great Fire and CN-NY Times, flooding those sites with traffic.

The Chinese government's dislike of widespread VPN usage may have caused it to arrange the attack, where only people accessing Baidu's services from outside the firewall would contribute to the DDoS. This wouldn't have been the first time China arranged this kind of "protest."

Github said, "We are currently experiencing the largest DDoS (distributed denial of service) attack in's history. The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors." 

"These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood with high levels of traffic. Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content."

Baidu has denied any involvement in the attack, saying that while its internal security was not compromised, the company was not intentionally involved in any traffic redirection. 
"We've notified other security organizations," the company said in a statement, "and are working together to get to the bottom of this." Early analysis seems to confirm this, and it's most likely that the scripts were hijacked as they crossed the Chinese Border.

Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter