Incident Response, TDR

GitHub on DDoS alert, efforts to curb its largest attack continue

For more than four days, coding website GitHub.com has endured a persistent wave of distributed denial-of-service (DDoS) attacks, deemed the largest of its kind impacting the site.

In a Friday blog post, a day after the attacks began, GitHub said that the online assault involved a “wide combination” of DDoS attacks, which included attack vectors it had seen in previous attacks, along with “some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood GitHub.com with high levels of traffic.”

According to The Wall Street Journal, the traffic overwhelming the coding site was redirected from the Chinese search engine Baidu. Specifically, the hijacked traffic was aimed at two GitHub pages, which linked to copies of banned websites in China, the Sunday article explained. One of the blocked sites was operated by Greatfire.org, an anti-censorship site providing workarounds for Chinese users.

When the DDoS attacks started pummeling Github's site on Thursday, renowned security researcher Mikko Hypponen took to his Twitter account and said that the attacks were an attempt to “silence the great work” done by GreatFire.org.

On Monday afternoon EST, San Francisco-based GitHub posted a status update on the attacks at its site, saying that it had endured 113 hours of sustained DDoS attacks, but that its “defenses are holding.”

“We will keep our status at yellow until the threat has subsided,” the update said. 

UPDATE: After announcing Monday night that its mitigation efforts were effective,GitHub confirmed Tuesday on its status update site that its systems were now "operating normally."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.