Evidence Links China to GitHub Attack

Security experts have said internet users outside China are unwittingly participating in a long running cyber attack on the coding site GitHub.

Researchers believe the nature of the attack makes the Chinese government the only "realistic source".

Earlier this week it was understood that the attack was thought to be decreasing in intensity and the Chinese government said it was "odd" that it had been accused of being responsible.

Github said that it had first noticed a large distributed denial of service attack last Thursday.

Four separate security measures have said that international web traffic to sites that use analytics tools provided by the search firm Baidu was being hijacked in China.

After verifying the research, Professor Alan Woodward of the University of Surrey said: "The upshot is that people from around the world... had their traffic redirected to swamp GitHub."

It is thought the attack was targeted at two pages on Github, one which was created by the anti-censorship group Greatfire.org and the other a Chinese language edition of the New York Times; both of which are banned by the Chinese authorities.

According to the analysis, published by Erik Hjelmvik who works for the firm Netresec, malicious code was inserted into a reply when browsers requested script from the Chinese firm's servers.

Researchers have said the method could be used on a multitude of sites that passed into and back out of China.

Rik Ferguson from the cybersecurity firm Trend Micro said: "Any site that makes the request for a cookie related to Baidu's analytics, that request could be replaced with malicious code."

A Github spokesman said the attack was the "largest DDos" in the site's history.

print this article

Return to internet news headlines
View Internet News Archive

Share with: