GitHub Faces Massive Denial Of Service (DDoS) Attack From China

Mar 27, 2015

—

by

Some time Wednesday, GitHub was hit with a massive denial of service (DDoS) attack from China based internet search giant Baidu. Insight Labs reports that Baidu began directing traffic to two specific GitHub pages: one run by GreatFire, and another mirroring Chinese translations of The New York Times. GitHub started receiving massive flood of traffic on Wednesday, which built for more than 24 hours before causing partial outages Thursday night and page failure rates spiking to 100% just before 3 AM.

One of the author/researcher of Insight Labs, Anthr@X, found Baidu is responsible for this attack – when he was browsing one of the most popular Chinese infosec community in China, zone.wooyun.org. His browser suddenly started to pop up JS alerts every 5 seconds trying to load two URLs: github.com/greatefire/ and github.com/cn-nytimes/ every a few seconds. After some digging he found that this is caused by Baidu user tracking code – which is similar to Google Analytics.

Baidu has denied any involvement in the attack, saying that while its internal security was not compromised, the company was not intentionally involved in any traffic redirection.

We’ve notified other security organizations and are working together to get to the bottom of this.

Baidu

Early analysis from Insight Labs confirms this and it is most likely that the scripts were hijacked as they crossed the Chinese Border.

A certain device at the border of Chinas inner network and the Internet has hijacked the HTTP connections went into China, replaced some JavaScript files from Baidu with malicious ones,

Anthr@X – Author, Insight Labs

After more than 24 hours, the attack still continues and recent tweets suggests that GitHub admins had deployed their volumetric attack defenses and performance is stabilizing. But still GitHub.com is intermittently unavailable for some users and GitHub is aware of this and working on restoring service for all users.

We’ve deployed our volumetric attack defenses against an extremely large amount of traffic. Performance is stabilizing.

GitHub Status (@githubstatus) March 27, 2015

We’re aware that http://t.co/IEoI8IWMw9 is intermittently unavailable for some users during t… See more at https://t.co/Z4QAKh0oGe.

GitHub Status (@githubstatus) March 27, 2015

You can follow GitHub status tweets or visit Status.GitHub.com for current status.

Source: Insight Labs

Tags:

Baidu, China, DDoS, GitHub, Online Security, Security

Edward Ramamoorthy

I work for one of the top 10 tech companies in India. In my spare time, I write for PrimeInspiration.com.

Help Us Grow

If you like this post, please share it with your friends.

You are free to copy and redistribute this article in any medium or format, as long as you keep the links in the article or provide a link back to this page.