GitHub.com, a popular software forum site used not only by developers by but also by Chinese internet users that want to avoid the country’s censorship is the new victim of a powerful cyber attack that, according to security experts, was organized by Chinese hackers.
The San Francisco-based company stated its site had gone through “the largest denial-of-service attack” as hackers flooded the site with traffic in order to affect the server’s performance. The attack was based on a “wide combination of attack vectors” including such techniques as the use of people’s web browsers in order to wear down the site with “high levels of traffic”.
Company representatives stated the possible reason behind this attack – hackers probably want the site to “remove a specific class of content”. There was no additional information regarding the type of data that was being targeted but the site is frequently utilized by Chinese internet users in order to access copies of sites currently banned in China. One of those copies is that of a site run by Greatfire.org which helps Chinese users bypass government censorship.
According to security experts, the attack probably came from China, through web browsers of foreign guests to Baidu.com, the Chinese search engine, secretly redirected to GitHub, flooding the site with large amounts of traffic.
China denied access to the GitHub website in 2013.
Adam Fisk from Getlantern.org, a website that offers tools to circumvent China’s “Great Firewall” and holds its installing packages on GitHub, considers that this type of DDOS attack could have important consequences on the company making it lose thousands of dollars daily. He added that the attack might have been with the purpose of making GitHub remove certain content. In his opinion, GitHub is an important code depositing space.
He made the following statement:
“The more disturbing strategy shift this represents is that the Chinese are going after sites such as GitHub not through blocking but through denial of service attacks. It seems like what they are doing is trying to bend GitHub to their will, to intimidate them.”
Luckily, the attack wasn’t that powerful, as GitHub managed to maintain most of the site online during the cyber invasion. Regular status updates were posted, in regards to the server’s flooding with high amounts of traffic. The posts also included information regarding the hackers’ switching between different areas of the forum.
Image Source: The Hacker News