GitHub Under DDoS Attack
Written by Alex Armstrong   
Monday, 30 March 2015

GitHub is suffering its largest distributed denial of service DDoS attack in its history. The traffic is targeting two urls related to Chinese civil rights and freedom of internet access.

Octocat

GitHub has been under a DDoS attack for a few days. It started on Thursday March 26 at 2AM UTC and has been continuing since then with occasional fluctuations. GitHub seems to be coping and there are no reports of users being locked out of repros or other content.  

The nature of the attack is varied, but one new approach is to use almost any innocent user visiting a Chinese website. According to Insight-labs blog, what is happening is that a device at the border of China's inner network and the wider Internet is hijacking the HTTP connections going to the Baidu analytics service and replacing the JavaScript tracking code with something that loads https://github.com/greatfire/ and https://github.com/cn-nytimes/ every two seconds. This means that any user visiting a Chinese website that uses Baidu analytics is taking part in the DDoS.

The first of these site is the GitHub page of GreatFire, a group that fights Chinese censorship - the name is a reference to the "Great Firewall of China" which is used to restrict access to Internet sites.

The second is a page that is used by a group providing a mirror of the New York Times so that it can get through the Great Firewall. 

The suspicion is that the attack is being organized by the Chinese government, which has been critical of GreatFire in the recent past.

The GitHub blog simply says:

" Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content."

If you find that your access to GitHub is slow then you now know the reason why.

Check the GitHub status site to find out what is happening.

 

Octocat

More Information

GitHub status site

Baidu’s traffic hijacked to DDoS GitHub.com

Large Scale DDoS Attack on github.com

Related Articles

Rowhammer - Changing Memory Without Accessing It

NTP The Latest Open Source Security Problem

Upgrade Git Client To Avoid Vulnerability

What Does The NSA Think Of Cryptographers?

Google Support For Free Internet       

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner

Clocks For The New Year 2024
31/12/2024

What could be a better time to indulge my interest in clocks?  Digital clocks, that is, but with a twist on how they present the time. So in the countdown to the rollover lets clock...


+ Full Story
Learn To Code With Scrimba
27/12/2024

Scrimba is an online interactive coding platform that aims to make learning to code fun and accessible. It offers courses on web development, including HTML, CSS, JavaScript and React and also has an  [ ... ]


+ Full Story
More News
 

espbook

 

Comments




or email your comment to: comments@i-programmer.info
Last Updated ( Saturday, 28 December 2024 )