The Chinese government allegedly used its own official Internet filters to carry out a massive denial-of-service attack against GitHub, say researchers
The Chinese government appears to have been responsible for the denial-of-service attack on web-based code repository GitHub carried out over the past several days, according to security researchers and those targeted.
The attack targeted GitHub’s mirrors of two websites blocked by China’s official Internet filtering system, according to researchers – those of activist organisation GreatFire and a Chinese edition of The New York Times.
“This attack was unusual in nature as we discovered that the Chinese authorities were steering millions of unsuspecting internet users worldwide to launch the attack,” GreatFire said in a statement.
Meanwhile, the attack, which consists of directing large amounts of traffic to two GitHub addresses, is ongoing but mitigation efforts have eliminated its effects as of Monday evening, according to GitHub.
“Mitigation remains effective and service is stable,” GitHub said via its status Twitter feed early on Tuesday morning, UK time.
The attack began on Thursday, and involved a “wide combination of attack vectors”, GitHub said at the time.
“These include every vector we’ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic,” the service said in an advisory.
Security researchers determined that the Chinese government’s official filters, which monitor Internet traffic entering or leaving the country, were being used to direct malicious requests at GitHub.
“China is using their active and passive network infrastructure in order to perform a man-on-the-side attack against GitHub,” wrote Erik Hjelmvik, a researcher with Swedish security monitoring and forensics firm Netresec, in an advisory.
Other Baidu scripts seem to have been used in the attack, including those used for advertising and other services.
The attack didn’t require any infiltration of Baidu’s systems, as the company confirmed to
The Wall Street Journal. “After careful inspection by Baidu’s security engineers, we have ruled out the possibility of security problems or hacker attacks on our own products,” the company stated.
Are you a security pro? Try our quiz!