Basically, some attacker (suspected to be the Chinese government) hijacked Baidu (and Baidu users) to perform a DDoS attack on specific Github repos pertaining to GreatFire.org (a site dedicated to mirroring sites/content that were censored by the Chinese government).
The attack has since been addressed by GitHub (it relies on XSS, so GitHub was actually able to inject a Javascript `alert()` to each attack attempt; this not only warns the user that the site is doing naughty things, but also stops further JS execution IIRC), and it seems the attack itself has also stopped.
frewsxcv|11 years ago
Can anyone decipher this?
yellowapple|11 years ago
The attack has since been addressed by GitHub (it relies on XSS, so GitHub was actually able to inject a Javascript `alert()` to each attack attempt; this not only warns the user that the site is doing naughty things, but also stops further JS execution IIRC), and it seems the attack itself has also stopped.
More information: https://archive.today/jZ0zb
ubernostrum|11 years ago