Skip to content ↓ | Skip to navigation ↓

The popular coding website GitHub was hit with a massive denial-of-service (DDoS) attack late Thursday night, with some users experiencing intermittent service outages.

According to security researcher and blogger Anthr@x, the ongoing attack, which intensified on and off for more than 24 hours, appeared to originate from the Chinese web services company Baidu:

“A certain device at the border of China’s inner network and the Internet has hijacked the HTTP connections went into China, [and] replaced some javascript files from Baidu with malicious ones . . . every two seconds.”

Internet traffic was redirected to two GitHub pages – one ran by GreatFire, and another mirroring Chinese translation of The New York Times.

In a recent update on GitHub’s Status page and Twitter, the company announced this morning:

Some have speculated the attack comes as a message to reinforce Chinese web censorship, obfuscating the means for Internet users to evade the country’s firewall.

“This could be the work of a hacktivist or other group sympathetic to Chinese interests, and not an attack officially sanctioned by the Chinese government,” said Tripwire Senior Security Analyst Ken Westin.

“It is still speculative at this point that this is the work of Chinese censors; however, if Chinese censors are involved in this attack, it is quite brazen and dangerous, as they have essentially hijacked users’ browsers within their own borders to participate in an attack against a specific service in the U.S.”

Last week, – a group that aims to help Chinese Internet users to access blocked websites – underwent a similar DDoS attack, which flooded the site with nearly 2.6 billion requests per hour.

Tripwire University
  • Sad to hear that. The frequency of such attacks has increased dramatically over last couple of months where many popular networks have been hit by such malicious attacks.