Pierluigi Paganini March 28, 2015

The Chinese Government is suspected for the large-scale distributed denial of service (DDoS) attack that hit the popular GitHub website.

The popular coding website Github suffered a large-scale distributed denial of service (DDoS) attack that lasted more than 24 hours starting from Thursday night.

The attack exploited the redirection of users who were connecting to many other websites on the Internet. The attackers injected malicious JavaScript code into the pages of those websites that was responsible for the hijacking of their visitors to Github.

The researcher analyzed the JavaScript code used in the attack and it appears like a sample of code available on pastebin.

Visitors who tried to access several websites in Internet used has DDoS gunner, noticed that those websites was serving advertisements and tracking code from Chinese Baidu, the code used by attackers instructs browsers of visitors to those websites to connect GitHub.com every two seconds. The technique allowed the attackers to generate “an extremely large amount of traffic,” according to researcher Anthr@x from Insight-labs.

The attackers have chosen the Baidu search engine because it has an impressive amount of visitors that were recruited with this technique in the attack that resulted in the massive flood of traffic on the Github website.

In time I’m writing Baidu denied any responsibility for the redirection mechanism exploited for the DDoS attacks:

“We’ve notified other security organizations,” states the company in an official statement, “and are working together to get to the bottom of this.“

GitHub confirmed that the distributed denial-of-service attacks, caused irregular outages of the service.

The experts speculate that the attackers are linked to the Chinese Government that used the browsers of unaware users to hit a website not “aligned” to the Government of Beijing.