Github is a popular coding website used by programmers to collaborate on software development it was hit by massive denial of service attack.It is it pissed off the wrong pro-censorship group: The attack is aimed at two popular Github projects, Great Fire and CN-NY Times, that help Chinese citizens get around their government's restrictive online censors to access blocked content.
The attack was originated from MITM-modified JavaScript files for the Chinese company Baidu's user tracking code, changing the unencrypted content as it passed through the great firewall of China to request the URLs github.com/greatfire/ and github.com/cn-nytimes/.
The Chinese government's dislike of widespread VPN usage may have caused it to arrange the attack, where only people accessing Baidu's services from outside the firewall would contribute to the DDoS. This wouldn't have been the first time China arranged this kind of "protest."
Github said, "We are currently experiencing the largest DDoS (distributed denial of service) attack in github.com's history. The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors."
"These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content."
Baidu has denied any involvement in the attack, saying that while its internal security was not compromised, the company was not intentionally involved in any traffic redirection.
"We've notified other security organizations," the company said in a statement, "and are working together to get to the bottom of this." Early analysis seems to confirm this, and it's most likely that the scripts were hijacked as they crossed the Chinese Border.
