The Great Firewall of China is being used to carry out a denial-of-service attack on the code repository GitHub, according to the software vendor Netresec.
The cyberattack works by redirecting visitors of the Chinese search engine Baidu from outside the country to a piece of malicious JavaScript, which then continuously reloads two pages on GitHub, disrupting the website.
Erik Hjelmvik, an analyst at Netresec, wrote on the firm’s blog: "This attack demonstrates how the vast passive and active network filtering infrastructure in China, known as the Great Firewall of China or GFW, can be used in order to perform powerful DDoS (distributed-denial-of-service) attacks.
"Hence, the GFW cannot be considered just a technology for inspecting and censoring the Internet traffic of Chinese citizens, but also a platform for conducting DDoS attacks against targets worldwide with help of innocent users visiting Chinese websites."
The hack, known as a man-on-the-side attack, appeared to affect just 1% of the requests for Baidu Analytics, a web traffic monitoring tool run by the search engine, with most visitors being untroubled.
China was implicated in the attack following rumours that the pages being targeted included an anti-censorship tool from the advocacy Greatfire.org and a Chinese language edition of the New York Times.
However the code repository reported on Tuesday that everything was operating normally, the site having been disrupted intermittently since Thursday March 26.
