nettime little_birdie on Sat, 28 Mar 2015 06:07:56 +0100 (CET) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
<nettime> Why Baidu Has Been Hijacked to Attack Github |
<https://webcache.googleusercontent.com/search?q=cache:CeVJaTqfuZkJ:https://iyouport.com/archives/25775+&cd=1&hl=en&ct=clnk> Why Baidu Has Been Hijacked to Attack Github 2015-03-27 Editor By: Larry Salibra Baidu's content data network (CDN), the computers that serve Baidu analytics and Baidu ads has been hijacked and is being used to launch a distributed denial of service (DDOS) attack on popular developer tool Github. The China Twitterverse has been buzzing today[1] with reports of weird javascript errors[2] on sites linking to Baidu assets (like Baidu analytics) when accessed outside of the Great Firewall. [1] https://twitter.com/bridgers/status/581325734490157056 [2] https://twitter.com/Hexcles/status/581332596782575616 equests to Baidu's content data network are being intercepted and sending back some javascript code instead of the original requested file. The javascript code instructs visitors browsers to request the Github pages of anti-censorship group Greatfire[3] and the Chinese language edition of the New York Times.[4] These groups turned to a developer source code control tool to host their information with the knowledge that China was unable to block Github because of the huge cost to its technology industry. [3] https://github.com/greatfire/wiki [4] https://github.com/cn-nytimes/mirrors This DDOS attack is interesting for a few reasons: 1. It leverages unsuspecting website visitors with uncompromised machines to create a DDOS attack 2. It makes a China based attack appear to come from outside of China by only inserting the compromising javascript code in Baidu CDN requests made outside of China3. It attacks one of the most popular developer site that the Great Firewall has tried unsuccessfully to block in the past because of Chinese developer backlash 3. It appears to be an attempt to pressure Github, a non-news organization, to censor content that China objects to. 4. This outbound attack appears to be originating from the government controlled Great Firewall. More information and detailed technical analysis here[5] and demo video[6] by Seven Shippo.i[8] [5] http://insight-labs.org/?p=1682 [6] https://www.youtube.com/watch?v=l6eAtcwT5Pc [8] https://twitter.com/Shippo7 转图 Posted in 新闻 Tagged DDOS, GFW
# distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mx.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: [email protected]