The attack which started on Wednesday, emanated from scripts belonging to the internet giant Baidu. The scripts began directing useless traffic to two specific GitHub pages: one run by GreatFire, and the other offering translations of The New York Times, in the process bringing the entire GitHub down. The useless dataflow resulted in a massive DDoS attack on GitHub and caused it to go down on many occasions throughout Thursday night. Server logs show a sudden drop in app server availability just before midnight, and page failure rates spiking to 100% just before 3am. Although according to admins, the attack is still ongoing, and recent tweets suggest a surge in attack volume on Friday morning.
— GitHub Status (@githubstatus) March 27, 2015 Though the attacks originated from scripts being hosted on the popular Chinese website, Baidu, it has denied any involvement in the attack. It released a statement saying that it was not involved in any traffic redirector nor was its internal security compromised. “We’ve notified other security organizations,” the company said in a statement, “and are working together to get to the bottom of this.” Security researchers from Insight Labs said that it was most likely that the scripts were hijacked as they crossed the Chinese Border. “A certain device at the border of China’s inner network and the Internet has hijacked the HTTP connections went into China, replaced some javascript files from Baidu with malicious ones,” wrote a researcher at Insight Labs. The Chinese web censorship beating and web traffic monitoring website GreatFire was subjected to a similar massive DDoS attack last week and was offline for more than 2 days. That attack and the current one on GitHub seems to suggest that the attackers want to DDoS any websites participating in circumventing the Chinese firewall and web censorship. Since GitHub is served over HTTPS, countries can’t block individual pages without blocking the entire site, a feature that’s proved extremely useful for anti-censorship services like Great Fire. #Update (30th March): GitHub continues facing Massive DDoS attack for past five days