Chinese authorities compromise millions in cyberattacks
On March 17th 2015, our websites and partner websites came under a DDoS attack. We had never been subjected to an attack of this magnitude before. This attack was unusual in nature as we discovered that the Chinese authorities were steering millions of unsuspecting internet users worldwide to launch the attack. We believe this is a major cyber-security and economic threat for the people of China.
After calling on the Internet community for help and assistance, independent researchers with access to our log files discovered the following facts:
-
Millions of global internet users, visiting thousands of websites hosted inside and outside China, were randomly receiving malicious code which was used to launch cyberattacks against GreatFire.org’s websites.
-
Baidu's Analytics code (h.js) was one of the files replaced by malicious code which triggered the attacks. Baidu Analytics, akin to Google Analytics, is used by thousands of websites. Any visitor to any website using Baidu Analytics or other Baidu resources would have been exposed to the malicious code. A list of Baidu resources known to be used for the attack appears in the report.
-
That malicious code is sent to “any reader globally” without distinguishing that user’s geographical location, meaning that the authorities did not just launch this attack using Chinese internet users - they compromised internet users and websites everywhere in the world.
-
The tampering takes places someplace between when the traffic enters China and when it hits Baidu’s servers. This is consistent with previous malicious actions and points to the Cyberspace Administration of China (CAC) being directly involved in these attacks.
More technical details of the attack can be read in a research report titled “Using Baidu to steer millions of computers to launch denial of service attacks”.
GitHub Suffers DDoS Attack
On March 25 the Chinese authorities used the same techniques to launch a DDoS attack on GitHub - our page was one of the main targets. To mitigate the DDoS attack, we mirrored content on our GitHub repository and asked users to access that page directly. The attackers then switched their attack to our GitHub page.
GitHub stated:
We are currently experiencing the largest DDoS (distributed denial of service) attack in github.com's history. The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors. These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content.
We believe that “a specific class of content” refers to GreatFire.org’s GitHub page. To combat the DDoS attack from malicious JS code injected by CAC, GitHub modified https://github.com/greatfire/ to show a message to users: "WARNING: malicious javascript detected on this domain".
The URL to access our GitHub page ( https://github.com/greatfire/) is hard coded into the malicious JS. Our page is still accessible and only users who have been exposed to the malicious code will see the warning pop up message while browsing other websites. The GitHub attack is still ongoing and the malicious JS is still being injected for approximately 1% of foreign visitors to websites that are using elements from Baidu.
The Implications
When we first blogged about this attack we did not want to level accusations without evidence. Based on the technical forensic evidence provided above and the detailed research that has been done on the GitHub attack, we can now confidently conclude that the Cyberspace Administration of China (CAC) is responsible for both of these attacks.
Hijacking the computers of millions of innocent internet users around the world is particularly striking as it illustrates the utter disregard the Chinese authorities have for international as well as even Chinese internet governance norms. There was no way for an average internet user to prevent themselves from being exploited as part of this attack. This statement from Lu Wei, the head of the Cyberspace Administration of China, encapsulates our thoughts and concerns about these attacks:
We should establish an Internet order that helps maintain security. The Internet is a worldwide platform for sharing information. It is “a community of common interests”. No country is immune to such global challenges as cybercrime, hacking and invasion of privacy. In cyberspace, it is becoming increasingly difficult to uphold security for one’s own country by sacrificing that of others. It is also not practical to pursue one’s own interests by rejecting others’ needs. China is also a victim of hacking. We have always firmly opposed all forms of Internet attacks.
Inserting malicious code in this manner can only be done via the Chinese Internet backbone. Even if CAC did not launch the DDoS attack directly, they are responsible for managing the internet in China and it is not possible that they did not know what was happening. These attacks have occurred under CAC’s watch and would have needed the approval of Lu Wei.
Lu Wei and the Cyberspace Administration of China have clearly escalated the tactics that they use to control information. The Great Firewall has switched from being a passive, inbound filter to being an active and aggressive outbound one. This is a frightening development and the implications of this action extend beyond control of information on the internet. In one quick movement, the authorities have shifted from enforcing strict censorship in China to enforcing Chinese censorship on internet users worldwide. CAC can launch these attacks quickly and easily and they have the technical and financial resources behind them to continue to launch DDoS attacks against any website, anywhere in the world.
These attacks also illustrate the shortsighted nature of the Chinese authorities. Weaponizing Chinese internet services stifles global confidence in Chinese entrepreneurs and contributes to the fragmentation of the global internet. The SEC has already asked Weibo to explain how the censorship apparatus works - Baidu, a publicly-listed company in the US, may be called in to do the same.
We correctly predicted last year that China would increase their use of MITM attacks in an effort to censor encrypted websites. We now sadly predict that the DDoS attacks against us and GitHub are likely to signal a ramping up of attacks against foreign internet properties. These kinds of attacks should draw scorn and criticism from government officials of all countries around the world.
It is important to note that throughout this attack, our Android FreeBrowser app has not been impacted and is still helping thousands of Chinese internet users to bypass censorship and the great firewall every day.
On behalf of the millions of unsuspecting users manipulated by these actions, we call on Lu Wei and the Cyberspace Administration of China (CAC) to bring an end to these DDoS attacks immediately and to apologise for their blatantly disrespectful and dangerous actions.
Further Information
After the attacks started, many overseas Chinese saw these warning messages and started to post screenshots on social media.
One person uploaded a video to YouTube showing what happens when a user is injected with malicious JS in the GitHub DDoS attack. You can also see GitHub’s mitigation efforts in this video.
There are fascinating details about the attack on GitHub and changes made by the Cyberspace Administration of China to maintain the attack.
An earlier report about an unrelated GFW upgrade stated that “Every machine in China has the potential be a part of a massive DDOS attack on innocent sites,” and “They have weaponized their entire population.” That was too optimistic. Now CAC has weaponized the entire Internet population.
Comments
This will definitely be very useful for me when I get a chance to start my blog.
http://www.mothersdayquotess.com/
Moving to another destination can be an extremely confused and distressing procedure.
Packers and Movers Bangalore @ http://www.11th.in/packers-and-movers-bangalore.html
Packers and Movers Noida @ http://www.11th.in/packers-and-movers-noida.html
Packers and Movers Ghaziabad @ http://www.11th.in/packers-and-movers-ghaziabad.html
Packers and Movers Chennai @ http://www.11th.in/packers-and-movers-chennai.html
I think that the DDoS attack is one of the major cyber crimes that threatened the internet users in China. The good thing abut this is that it served as a wake up call and now more than ever the cyber crimes in china have been curbed to a great extent. Did you know that you can get reliable homework editing help by simply clicking on the link below?
https://www.customwritingbay.ca
اقاريو العربيه ظهرت مباشرة بعد ان اشتهرت اقاريو الاصلية التي هي Agario باللغة الاجنبية واسمها بالظبط هو واول ظهور لها كان يوم 28 ابريل سنة 2015
http://gamesbanatcoat.blogspot.com
Thank you for the good writeup. It actually was once a enjoyment account it.plz visit here:
http://packers-and-movers-bangalore.in/
http://packers-and-movers-bangalore.in/packers-and-movers-konanakunte-be...
http://packers-and-movers-bangalore.in/packers-and-movers-bengaluru-to-g...
Packers-and-Movers-Bangalore.in is well arranged and settled website among all packers and movers company.
http://www.11th.in/packers-and-movers-bangalore.html
http://www.11th.in/packers-and-movers-noida.html
http://www.11th.in/packers-and-movers-ghaziabad.html
http://www.11th.in/packers-and-movers-chennai.html
Packers and Movers Bangalore @ http://www.11th.in/packers-and-movers-bangalore.html
Packers and Movers Noida @ http://www.11th.in/packers-and-movers-noida.html
Packers and Movers Ghaziabad @ http://www.11th.in/packers-and-movers-ghaziabad.html
Packers and Movers Chennai @ http://www.11th.in/packers-and-movers-chennai.html
Packers and Movers Mumbai @
http://www.movers5th.in/packers-and-movers-mumbai/
Packers and Movers Delhi @
http://www.movers5th.in/packers-and-movers-delhi/
Packers and Movers Gurgaon @
http://www.movers5th.in/packers-and-movers-gurgaon/
Packers and Movers Hyderabad @
http://www.movers5th.in/packers-and-movers-hyderabad/
Packers and Movers Pune @
http://www.movers5th.in/packers-and-movers-pune/
Packers and Movers Bangalore @
http://www.movers5th.in/packers-and-movers-bangalore/
Nice article. Thanks for sharing this amazing article !!
check also http://www.mothersday-message.com
Words Doctorate ( http://www.wordsdoctorate.com/ ) is providing PhD-Master Thesis and Research related support for PhD Students-all stream.
PhD and Master Thesis & Dissertation Writing Service, We serve students globally in all subjects,Provide completed solutions and online Guidance by PhD Holders.
All are saying the same thing repeatedly, but in your blog I had a chance to get some useful and unique information, I love your writing style very much, I would like to suggest your blog in my dude circle.
http://www.showboxapkdownloadd.com/
I appreciate this post and its seems looking so informative Thanks for sharing with us..
http://packersmoversbangalore.in/
I regard something truly interesting about your web blog so I saved to favorites .
http://packersmovershyderabadcity.in/
videos are awesome download them here
https://vidmatehd.org/
For awesome features of your phone download framaroot
https://iframarootapk.net/
For awesome features of your phone download framaroot
https://iframarootapk.net/
مؤسسة صفوة المدينة شركة تنظيف خزانات وغسيل خزانات بالمدينة المنورة ومكافحة حشرات بالمدينة المنورة الشركة لديها تخصص فى نقل العفش بالمدينة اللمنورة ومكافحة الحشرات وغسيل الخزانات بالمدينة المنورة
http://www.atar-almadinah.com/khasil.html شركة تنظيف خزانات بالمدينة المنورة
Great article thanks for sharing !!!
Ganesh Chaturthi Images
Thanks
What an lovely piece of content. Thats why i liked it everytime i read it. Thanks mate really thanks. Have a good day ahead. Also check !
Happy Onam Images
Thanks
http://icinemaboxapk.net/
NICE TOPIC I LOVE IT
http://al3abtabkh1.blogspot.com/
NICE WORK NICE
http://al3abtabkh1.blogspot.com/
good This lead is normally about how precisely to download kodiforiphone for distributing their market. The greatest support offered by iPhone is usually iOS. Kodi on iPhone nice.
good Launch Cydia from the home screen, tap on Manage button followed by sources iplaystoredownload Then type Cydia web address and install Cydia and then Bootlace. nice.
This research is practically done by you and gives good ideas. visit here some useful content here.
http://packersmoverschennai.in/
http://blog.packersmoverschennai.in/
This is an amazing type of post.
Davinda Honald
Thanks for sharing such a valuable information.Im very thankful to you that you had given me this opportunity to write on this blog.please visit our website I assure you that it will be very useful for our website.
http://jaipurpackersandmovers.in/
http://blog.jaipurpackersandmovers.in/
Are you currently interested to ways to accrue popularity quickly? You only require to Buy Facebook Followers to become well known online. - https://www.boostfollower.com/buy-facebook-followers/
visit over here to get the original content within your budget
http://www.freshcontent.in/
For getting an increased publicity for your facebook account, Individuals expend dollars to Buy Facebook Followers to conveniently have exposure on world wide web. http://ranklikes.com/buy-facebook-followers/
efforts.Thanks alot for your writings......Waiting for a new 1...Please visit our wonderful and valuable website.......
http://packersmoverspune.org/
http://blog.packersmoverspune.org/
I agree with you. This post is truly inspiring. I like your post and everything you share with us is current and very informative, I want to bookmark the page so I can return here from you that you have done a fantastic job.
http://packers-and-movers-gurgaon.in/
good You might want to keep your collection on a bigger exterior drive https://itunesdownloadapp.com It likewise makes it simple to move your iTunes collection to great.
good Apk app downloader is used as various sources. There are kodidownloadapptv releases are provided. For typical users, steady nice.
very nice post. thanks for sharing
All Upcoming Jobs
After downloading and install the APK documents, Snapchat Web Most likely to the official internet site of BlueStacks.
I appreciate this post and its seems looking so informative Thanks for sharing with us..
http://packersmoversbangalore.in/
Packers and Movers Bangalore list, Cheap Packers Movers Bangalore Charges, Local, Affordable Household Shifting Bangalore,
@ http://Packers-and-Movers-Bangalore.in/
Pictures by streaming them online at free of cost. Mobdro Download as well as lots extra. With chrome actors support.
When in dire need of funds, Loans can be amassed in to your bank account due to the hassle free technique of availing funds. With no formal rituals linked to the system of application, deriving the amount within a couple of hours will not be much of a hassle.
3 month payday loans instant cash - http://www.3monthpaydayloans.co/
100 loan for 3 months - http://www.3monthpaydayloans.co/
500 pounds loan UK - http://www.3monthpaydayloans.co/
It is no doubt from my point of view that there is change needed. tnea counselling
https://www.housecleanned.com/
https://www.cleanhousess.com/
https://www.cleanhousees.com/
https://www.housecleansed.com/
http://www.alnazafa.com/
The satta matka Original Website Provide Fast Matka Result site.
An academic writer having years of experience.
https://myassignmenthelp.com/uk/thesis-help.html
We Provide Best Packers And Movers Hyderabad List for Get Free Best Quotes, Compare Charges, Save Money And Time, Household Shifting Services @ http://packersmovershyderabadcity.in/
Packers And Movers Packers And Movers Bangalore Local Household Shifting Service, Get Free Best Price Quotes Local Packers and Movers in Bangalore List , Compare Charges, Save Money And Time.@ http://packersmoversbangalore.in/
Get Professional Assignment Help from the quality assignment writers at AssignmentStudio.net
we have a team of professional writers to help University Students with their essays, case studies, thesis.
For more details visit us at www.assignmentstudio.net
Nice post,
https://buff.ly/2xMtarS
I appreciate this post and its seems looking so informative Thanks for sharing with us.
packers-and-movers-gurgaon.in
Pages
Add new comment