29 - Great Cannon of China
Lance and JS discuss censoring attacks from China targeting Github.
- At the end of March 2015, China attacked Github with a massive DDoS attack that intermittently crashed the website for multiple days. They were targeting 2 projects, GreatFire and cn-nytimes.
- Over the years China attacked Github multiple times. Blocked traffic with DNS hijacking to Mitm TLS attacks. This is scary considering that China has some trusted Root CA in all of our computers.
- load two GitHub pages, one a mirror of anti-censorship site GreatFire.org the other a copy of the China edition of The New York Times.
- Now, Rob Graham, CEO of Errata Security, has traced the origin of the malicious code to China Unicom, the same telecom that has been caught before aiding the massive censorship apparatus known as the Great Firewall of China.
- Some people are calling this DDoS tool the Great Canon of China.
- As we mentioned earlier, what’s interesting is that it hijacks traffic from a really large number of computers in China which are not really compromised, other than that they are in China.
- According to CitizenLab, the Chinese government is probably behind this attack.
Was at that time the biggest DDoS attack ever.