Evidence links China to GitHub cyber-attack - BBC News
Internet users outside China are unwittingly participating in a long-running cyber-attack on the coding site GitHub, security experts have said.
In a blog, Mr Hjelmvik described the attack step-by-step:
Internet users outside China are unwittingly participating in a long-running cyber-attack on the coding site GitHub, security experts have said.
In a blog, Mr Hjelmvik described the attack step-by-step:
- An innocent user browses the internet from outside China
- One website the user visits loads an analytics script - a sequence of instructions - from a server in China, for example Baidu, something that often used by web admins to track visitor statistics
- The web browser's request for the Baidu script is detected by Chinese equipment as it enters the country
- A fake response is sent out from within China instead of the actual Baidu Analytics script. This fake response is a malicious script that tells the user's browser to continuously reload two specific pages on GitHub.com