GitHub Under DDoS Attack |
Written by Alex Armstrong |
Monday, 30 March 2015 |
GitHub is suffering its largest distributed denial of service DDoS attack in its history. The traffic is targeting two urls related to Chinese civil rights and freedom of internet access. GitHub has been under a DDoS attack for a few days. It started on Thursday March 26 at 2AM UTC and has been continuing since then with occasional fluctuations. GitHub seems to be coping and there are no reports of users being locked out of repros or other content. The nature of the attack is varied, but one new approach is to use almost any innocent user visiting a Chinese website. According to Insight-labs blog, what is happening is that a device at the border of China's inner network and the wider Internet is hijacking the HTTP connections going to the Baidu analytics service and replacing the JavaScript tracking code with something that loads https://github.com/greatfire/ and https://github.com/cn-nytimes/ every two seconds. This means that any user visiting a Chinese website that uses Baidu analytics is taking part in the DDoS. The first of these site is the GitHub page of GreatFire, a group that fights Chinese censorship - the name is a reference to the "Great Firewall of China" which is used to restrict access to Internet sites. The second is a page that is used by a group providing a mirror of the New York Times so that it can get through the Great Firewall. The suspicion is that the attack is being organized by the Chinese government, which has been critical of GreatFire in the recent past. The GitHub blog simply says: " Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content." If you find that your access to GitHub is slow then you now know the reason why. Check the GitHub status site to find out what is happening.
More InformationBaidu’s traffic hijacked to DDoS GitHub.com Large Scale DDoS Attack on github.com Related ArticlesRowhammer - Changing Memory Without Accessing It NTP The Latest Open Source Security Problem Upgrade Git Client To Avoid Vulnerability What Does The NSA Think Of Cryptographers? Google Support For Free Internet
To be informed about new articles on I Programmer, install the I Programmer Toolbar, subscribe to the RSS feed, follow us on, Twitter, Facebook, Google+ or Linkedin, or sign up for our weekly newsletter.
Comments
or email your comment to: comments@i-programmer.info |
Last Updated ( Monday, 30 March 2015 ) |