Geek

GitHub Facing Massive DDoS Attack From China


Update: GitHub is fully functional now.


GitHub is one the most popular websites among programmers and developers and is currently having 3.4 million users with 2.2 million active repositories. This software development web site used for collaborative projects is currently being hit by a massive and continuous DDoS (distributed denial) attack. It should be noted that earlier this week, China admitted that it is having an army of hackers.

THN writes that when GitHub users from outside countries come across advertisements and tracking codes served from Baidu, Chinese Internet giant, the Chinese attackers inject nasty JavaScript codes into those pages. This malicious code initiates the web browsers to connect to GitHub.com every 2 seconds without users’ permission. In turn, this drives a massive traffic to GitHub.

This was reported by a researcher who goes the name of [email protected] from InsightLabs.org. This GitHub DDoS attack specifically targets two GitHub projects named GreatFire and CN-NYTimes. These are the censorship tools being used to help the people to Chine to dodge The Great Firewall of China. Chinese government is known to censor Internet access in China. In simpler words, people residing outside China are being targeted for accessing things that the Chinese government hates, like, freedom of speech and expression.

Also read: Top Programming Languages on GitHub, JavaScript Tops the List


GitHub DDoS attack status messages

CN-NYTimes: The New York Times website is usually blocked in China, it’s a group hosting NYT mirror to ditch the ban.

GreatFire: It’s a very popular anti-censorship group on GitHub fighting against Chinese Internet censorship.

GitHub DDoS attack was reported as a service outage with following messages:

We’ve identified and mitigated a DoS attack that was impacting service. Service is recovering and we are monitoring the situation.

We’ve been under continuous DDoS attack for 24+ hours. The attack is evolving, and we’re all hands on deck mitigating.

We are continuing to defend GitHub against a very large DDoS attack.

The latest message on the GitHub website is:

The ongoing DDoS attack has shifted again to include Pages and assets. We are updating our defenses to match.


GitHub DDoS attack status messages

The researcher has analyzed the attack and came up with the infectious JavaScript code which is being injected for these GitHub DDoS attack. THN writes that the Chinese search engine titan Baidu has denied its intentional involvement in this GitHub DDoS attack and they are “are working together to get to the bottom of this.

Recommended article: China Finally Accepts it has an Army of Hackers

Are you using GitHub for software development and collaborative work? Tell us in comments!
Stay tuned for latest security and technology news from fossBytes!

To Top

Pin It on Pinterest

Share This