The U.S. coding website GitHub suffered its largest ever distributed denial-of-service (DDoS) attack between Thursday to Sunday. GitHub is still trying to recover from the massive traffic onslaught. Internet security experts said on Sunday that it was an attempt by China to shut down anti-censorship tools.

Baidu logo

GitHub endures an onslaught of Baidu traffic

The massive Internet traffic was meant for Chinese search engine Baidu, but it was directed to GitHub. San Francisco-based GitHub’s service is used by major tech firms, programmers, and even the U.S. government. Someone, presumably Chinese government officials, hijacked some widely used tools from Baidu to target anti-censorship software that can be used to get around Chinese censorship.

Baidu GitHub

It underscores how Beijing’s online censorship is reaching outside the country to block content that the Communist Party finds objectionable. The attackers injected malicious code into Baidu’s tools that are used to serve ads and provide analytics for web developers. When a user visited Baidu’s search engine, a code activated that sent consistent data requests from the user’s device to GitHub.

Security experts said the attack targeted Baidu’s overseas (outside China) users. It made the attack much harder to block because requests to GitHub come from all over the world. This onslaught of traffic looked like usual requests for information. According to Eva Dou of The Wall Street Journal, the massive traffic was specifically directed to two GitHub pages.

Baidu denies involvement in the attack

One of the pages was run by GreatFire.org, which lets Chinese users circumvent the government censorship. The page contained two anti-censorship tools, and it linked to copies of 10 websites blocked in China. The second page linked to a copy of the Chinese language website of The New York Times. Cybersecurity firm F-Secure chief research officer Mikko Hyponen said the attack involved Chinese authorities because the attackers were able to manipulate Internet traffic at a high level of China’s Web infrastructure.

Baidu said its systems were not infiltrated. The company denied any involvement in the attack.