Anti-Censorship GitHub Pages Under DDoS Attack From China

March 27, 2015 Updated: March 29, 2015

The online coding platform GitHub has been under a large-scale distributed denial-of-service (DDoS) attack that cyber-security experts pinpoint as originating from China. The attack was being launched from devices that had visited the Chinese search engine Baidu.

“We are currently experiencing the largest DDoS attack in’s history,” GitHub said in a blog post. “These include every vector we’ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood with high levels of traffic.”

The attacks began Wednesday evening and surged again on Friday morning.

A security researcher at Insight Labs who goes by A​nthr@x wrote that “a certain device at the border of China’s inner network” had hijacked incoming connections so that anyone visiting a webpage with scripts from Baidu would load—and collectively overload—two specific GitHub pages: GreatFire—a project to make uncensored Google searches available in China—and a mirror of Chinese translations of the New York Times.

“Based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content,” GitHub said.

GitHub has long been a thorn on the side of Chinese censors because the website’s HTTPS encryption means that individual sites can’t be blocked without denying access to the entire domain. The Chinese regime did block the entire GitHub website for nearly a week in 2013, backing down out of concerns that a blockade could endanger the economic competitiveness of Chinese programmers.

“GitHub is the preferred tool for programmers to learn and connect with the rest of the world,” former head of Google in China Kai-Fu Lee wrote in a 2013 blog post. “Blocking GitHub is unjustifiable, and will only derail the nation’s programmers from the world, while bringing about a loss in competitiveness and insight.”

This isn’t the first time GreatFire has been suffered severe cyber-attacks. Last week, mirrors of experienced the largest DDoS attack in its history, getting 2.5 billion spoof requests per hour.


The cyber-attack has continued uninterrupted through the weekend. GitHub has suffered minor service outages as a result, and the attackers have changed their tactics and some parts of the website has been compromised.

Finnish security expert Mikko Hypponen says that an attack of such proportions suggests that it was committed by Chinese authorities.

“It had to be someone who had the ability to tamper with all the Internet traffic coming into China,” he told the WSJ.