Github coding site hit by cyberattack
Anti-censorship tools targeted by attack from China, Wall Street Journal reports
GitHub, a popular social coding site for programmers, is fighting a days-long cyberattack that reportedly originates in China.
The U.S. coding site GitHub said on Sunday it was deflecting most of the traffic from the cyberattack that had caused intermittent outages. The Wall Street Journal cited China as the source of the attack.
"Eighty-seven hours in, our mitigation is deflecting most attack traffic," the GitHub Status account said in a tweet. "We're aware of intermittent issues and continue to adapt our response."
However, this morning, Github said the attack had evolved and it was "working to mitigate."
The DDoS attack has evolved and we are working to mitigate
—@githubstatus
GitHub supplies coding tools for developers and calls itself the world's largest code host.
The attackers paralyzed the site at times by using distributed denial of service, or DDoS, attacks, a technique commonly used to disrupt websites and computer networks, according to the Wall Street Journal.
Anti-censorship tools targeted
They pushed massive amounts of traffic to GitHub by redirecting overseas users of the popular Chinese search engine Baidu Inc, according to the Wall Street Journal.
The newspaper said they targeted two GitHub pages that link to copies of websites banned in China - a Mandarin-language site from the New York Times Co and Greatfire.org, which helps Chinese users circumvent government censorship.
A Beijing-based Baidu spokesman said a thorough investigation had determined it was neither a security problem on Baidu's side nor a hacking attack.
"We have notified other security organizations and are working to get to the bottom of this," the spokesman said.
On its blog, GitHub said the attack began early on Thursday and involved "every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic.
GitHub said it believed the intent of the attack was to convince the company to remove a specific class of content.
The Chinese government has repeatedly denied it has anything to do with hacking.
Asked about the report, Chinese Foreign Ministry spokeswoman Hua Chunying said China itself was one of the world's largest victims of hacking, and called for constructive international dialogue to tackle the issue.