Day FOUR of the GitHub web assault: Activists point fingers at 'China's global censorship'

Code repository warns of 'evolving' attacks


With the GitHub distributed denial-of-service (DDoS) attack nearing its fifth day of bombardment, the code-sharing upstart said it is holding up well under fire.

The site said as of Monday afternoon, Pacific Time, it is still operating at 100 per cent, despite a continuing flow of malicious traffic to its servers. GitHub said the attack "has evolved," but wouldn't provide any further information.

GitHub status page

GitHub's status page on Monday

When word of the assault first broke, security researchers suggested miscreants behind the attack were targeting GitHub projects that help circumvent the Great Firewall of China – a censorship apparatus that prevents access to anti-state websites.

It appears a JavaScript file served from within China by Baidu's advertising network is being intercepted by the country's border routers, and silently altered to fire repeated HTTP requests at GitHub.com.

People, millions potentially, from outside China visiting websites that use Baidu's ad network are being used to unwittingly attack the California-headquartered biz: their browsers silently bombard GitHub's servers while surfing websites that use Baidu's China-based network.

GitHub acknowledged the attack appeared to be targeting "a specific class of content," but stopped short of pointing the finger at China.

Anti-censorship campaign group Greatfire.org said in a blog post the attacks are an effort to shut down its GitHub-hosted project, and an extension of an attack on anti-censorship groups by Chinese authorities.

The blog itself appears to be taken offline at time of writing, along with the rest of the greatfire.org, though a cached page shows the entry in full.

The post confirms earlier reports that the attack is being carried out by malicious JavaScript code injected into unencrypted Baidu traffic.

"The URL to access our GitHub page is hardcoded into the malicious JavaScript," the group writes.

"Our page is still accessible ... The GitHub attack is still ongoing and the malicious JS is still being injected for approximately 1 per cent of foreign visitors to websites that are using elements from Baidu."

Greatfire goes on to point the finger for the attacks directly to the Cyberspace Administration of China (CAC). The group argues that the CAC is deliberately trying to weaponize its Great Firewall to perform international attacks.

"This is a frightening development and the implications of this action extend beyond control of information on the internet," the Greatfire team wrote.

"In one quick movement, the authorities have shifted from enforcing strict censorship in China to enforcing Chinese censorship on internet users worldwide." ®

Broader topics


Other stories you might like

  • Beijing probes security at academic journal database
    It's easy to see why – the question is, why now?

    China's internet regulator has launched an investigation into the security regime protecting academic journal database China National Knowledge Infrastructure (CNKI), citing national security concerns.

    In its announcement of the investigation, the China Cyberspace Administration (CAC) said:

    Continue reading
  • For a few days earlier this year, rogue GitHub apps could have hijacked countless repos
    A bit of a near-hit for the software engineering world

    A GitHub bug could have been exploited earlier this year by connected third-party apps to hijack victims' source-code repositories.

    For almost a week in late February and early March, rogue applications could have generated scoped installation tokens with elevated permissions, allowing them to gain otherwise unauthorized write or administrative access to developers' repos. For example, if an app was granted read-only access to an organization or individual's code repo, the app could effortlessly escalate that to read-write access.

    This security blunder has since been addressed and before any miscreants abused the flaw to, for instance, alter code and steal secrets and credentials, according to Microsoft's GitHub, which assured The Register it's "committed to investigating reported security issues."

    Continue reading
  • Xi Jinping himself weighs in on how Big Tech should deploy FinTech
    Beijing also outlines its GovTech vision and gets very excited about data

    China's government has outlined its vision for digital services, expected behavior standards at China's big tech companies, and how China will put data to work everywhere – with president Xi Jinping putting his imprimatur to some of the policies.

    Xi's remarks were made in his role as director of China’s Central Comprehensively Deepening Reforms Commission, which met earlier this week. The subsequent communiqué states that at the meeting Xi called for "financial technology platform enterprises to return to their core business" and "support platform enterprises in playing a bigger role in serving the real economy and smoothing positive interplay between domestic and international economic flows."

    The remarks outline an attempt to balance Big Tech's desire to create disruptive financial products that challenge monopolies, against efforts to ensure that only licensed and regulated entities offer financial services.

    Continue reading

Biting the hand that feeds IT © 1998–2022