GitHub, the popular web-based hosting service for software development, has been hit with a massive Distributed Denial of Service (DDoS) attack from China over the past 24 hours. The attack started sometime on Wednesday, when Chinese web services company Baidu started directing traffic to two specific GitHub pages.
The two pages, one run by GreatFire and the other hosting Chinese translations of The New York Times, were flooded with massive amounts of useless traffic from Baidu, causing the website to go down several times on Thursday night.
The DDoS attack is amplifying again. We are working to mitigate with all hands on deck.
Is Baidu really behind these DDoS attacks?
Baidu has rejected the allegations and ruled out any involvement in the attack. The Chinese giant said that its internal security has not been compromised and that it did not intentionally direct any traffic to GitHub. The company released a statement saying, “We’ve notified other security organizations, and are working together to get to the bottom of this.”
So who is actually behind these attacks, if not Baidu?
Baidu is known to serve advertisements and other scripts to many websites around the world. However, when users outside China visit websites that load Baidu code, they are served malicious code instead. So it is quite possible that people with access to the traffic at the border of China’s internet, also known as the Great Firewall of China, have injected malicious scripts into the HTTP connections of these visitors.
Since GitHub is served over HTTPS, countries cannot block just a few of its pages. To stop GitHub, the whole website has to be taken down, which is what the attackers eventually decided to do. Also, since Baidu generates huge volumes of traffic, it became a perfect weapon for the attackers, as GitHub could never handle such a volume of traffic.