GitHub, a repository hosting service, has come under heavy distributed denial-of-service attack since last Thursday. The main targets appear to be Great Fire and CN-NY Times, both of which are projects that aim to assist Chinese citizens in circumventing government imposed bans on websites.
Great Fire and CN-NY Times are the most popular of a select set of anti-censorship projects hosted on GitHub that provide mirror links to blocked websites. In general, Great Fire offers Chinese citizens access to online sources like BBC.com and Google’s Blogger; while CN-NY Times mirrors the New York Times.
The attack comes from an unknown origin, but clues point towards the Chinese government as the main culprit. A Javascript injection linked to ads and tracking code from Baidu. The injected code simply forces connected computers to connect to GitHub.com every few seconds, creating a massive amount of traffic that has so far managed to cause two minor service outages so far.
We've deployed our volumetric attack defenses against an extremely large amount of traffic. Performance is stabilizing.
— GitHub (@github) March 27, 2015
GitHub has managed to put mitigation measures in place; and while it has been under attack for over 90 hours now, the site is still up and running.
Suspicion is that Chinese cybertroopers are attempting to clamp down on any source of dissent, and are now going after sources outside the country. GreatFire.org, a non-profit organisation, came under DDoS attack recently from a mystery source. Nobody has claimed responsibility for the attack, but it was suspected that the Chinese government was involved.
It looks like the hackers have managed to weaponise Baidu ads, and it is unlikely that the DDoS attack against GitHub will cease any time soon. At least not unless it starts to block connections coming from China, which is probably what the attacks are counting on.
[Source: The Register]
