Hacker News new | ask | show | jobs
by ethbro 2388 days ago
> conduct a massive DDoS attack

That's not an accurate summary of what they're doing.

They're intermittently serving poisoned js in place of known analytics scripts.

Which changes the potential "who" a bit.
2 comments
dmix 2388 days ago
Either someone hacked the root Baidu servers, Baidu is involved, or the network requests are being manipulated by Chinese controlled entities.

There’s a high probability this is state run. There’s probably tons of offensive cyber teams in China and these are hitting sites like Greatfire.org which documents Chinese censorship (which was also why Github was hit if I’m not mistaken).

It’s not surprising that the organs of censorship would be used to target attempts to expose said censorship.

link
ethbro 2387 days ago
Absolutely. Or potentially some cert wonkery.

I haven't looked at this closely enough to know how the script's chaining works, or if China retains MitM capability across TLS.

Regardless, it's nice to be reasonably accurate when we're tossing around claims.

link
erikpukinskis 2388 days ago
“Conduct” in this case could mean performing but most likely means directing.
link