The attack was first reported on Sunday, when users noticed that any attempts to use the Facebook Login option on websites ended with their browsers being redirected to one of two alternative domains. Facebook itself says that it is investigating the problem, but there is little it can do as the code is being intercepted by China’s telecommunications infrastructure.
China has been redirecting traffic as part of DDoS attack method that some are calling the Great Cannon. The original attack took place in March, when anti-censorship watchdogs came under heavy internet traffic that threatened to shut their services down. However, while that incident had a clear intent, this current traffic redirection does not appear to have the same goal.
The domains being targeted are http://wpkg.org/my.js and http://www.ptraveler.com/pt.js . Neither of which have a connection with the Chinese government. Why the Great Cannon is being turned on them is completely unknown, but it has managed to cripple the latter website.
This could be the Chinese testing the capabilities of the Great Cannon, but the methods are equally as mysterious. For one, Facebook is mostly blocked in China; and most citizens instead use the Chinese equivalent in Sina Weibo. This means that the number of connections from within China is extremely limited, which would reduce the overall amount of traffic that can be redirected at a target.
Still, the Facebook Login hijack has been happening for the last few days and has shown no sign of stopping. Whatever is going on looks like it is only part of something bigger, which could potentially be a troubling sign for the internet.
[Source: The Verge]