GitHub Again Hit by a new DDoS attack

GitHub hit by another major DDoS attack to because Chinese developers have been forced by police to remove projects of tools to circumvent “Great Firewall.”

The software collaboration site GitHub was hit by another DDoS on Tuesday morning that made the website unavailable to many users for several hours.


The GitHub platform already suffered a major DDoS attack in March, in that case the attacker exploited the redirection of users who were connecting to many other websites on the Internet. The attackers injected malicious JavaScript code into the pages of those websites that was responsible for the hijacking of their visitors to Github.

Visitors who tried to access several websites in Internet used has DDoS gunner, noticed that those websites was serving advertisements and tracking code from Chinese Baidu, the code used by attackers instructs browsers of visitors to those websites to connect every two seconds. The technique allowed the attackers to generate “an extremely large amount of traffic,” according to researcher Anthr@x from Insight-labs.

The DDoS variant run in March was conducted to hit two popular Github projects, the GreatFire and CN-NYTimes, that are two anti-censorship tools used to avoid censorship operated by China and circumvent The Great Firewall Of China.

This time the DDoS attack seems to be the consequence of the decision of the platform to remove software capable of bypassing the Chinese censorship.

On August 22, an open source project called ShadowSocks was removed from GitHub, the author explained that the police contacted him and asked him to stop working on the software and to remove it from GitHub. Shadowsocks is a secure SOCKS5 proxy plug-in protocol for Internet users, it is used to circumvent the Chinese Great Firewall.
According to the organization, another repository was recently removed from GitHub, GoAgent, another tool used to Chinese censorship.

“GoAgent’s Github repo is also removed today (Aug 25, 2015). GoAgent was the most popular circumvention tool in China. It relied on Google App Engine to tunnel traffic across GFW. It was hosted on Google Code(link is external) and later moved to Github.

The author phuslu deleted the repo without explanation but changed his account description to be “Everything that has a beginning has an end”.” states the organization. 

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase