Skip to content ↓ | Skip to navigation ↓

GitHub has successfully restored service to its users following a distributed denial-of-service (DDoS) attack earlier this week.

According to ZDNet, the site’s code repository, which hosts code ranging from security systems to application frameworks as well as data dumps, first detected connectivity issues at approximately 10:39 BST (05:39 EDT) on Tuesday morning. The service then launched an investigation to diagnose the ongoing problems. By 6:38 EDT, GitHub’s teams determined that the issues were due to a DDoS attack.

The connectivity problems have been identified as a DDoS attack,” reads an update posted on Tuesday to GitHub’s status page. “We’re working to mitigate now.”

github ddos

The status page reveals that the site’s restoration efforts lasted for two hours. By about 10:00 EDT, service had been completely restored.

This is not the first time GitHub has suffered a DDoS attack. Back in October of 2013, the site reported downtime as a result of four separate DDoS assaults for just that month alone.

More recently, the service came under what has been called the largest DDoS attack in its history back in March of this year.

According to security researcher and blogger Anthr@x, the DDoS campaign lasted for more than 24 hours and presumably originated from the Chinese web services company Baidu. This site allegedly hijacked some of GitHub’s HTTP connections and replaced some Javascript files from Baidu with malicious ones. This tactic, in turn, redirected Internet traffic to GitHub pages operated by Greatfire.org, a Chinese anti-censorship website, and another mirroring a Chinese translation of The New York Times.

An investigation later determined that this attack was connected to an earlier DDoS campaign conducted against Greatfire.org.

“Millions of global internet users, visiting thousands of websites hosted inside and outside China, were randomly receiving malicious code which was used to launch cyberattacks against GreatFire.org’s websites,” the Great Fire analysis reveals. “Baidu’s Analytics code (h.js) was one of the files replaced by malicious code which triggered the attacks. Baidu Analytics, akin to Google Analytics, is used by thousands of websites. Any visitor to any website using Baidu Analytics or other Baidu resources would have been exposed to the malicious code.”

At the time of this writing, GitHub appears to be functioning normally. Nevertheless, it remains unclear who is responsible for this latest attack and whether it is at all connected to the DDoS campaign that occurred against GitHub and Greatfire.org back in March.