

China's national firewall hijacks JavaScript to DDoS GitHub - wzyboy
http://slashdot.org/submission/4299157/chinas-national-firewall-hijacks-javascript-to-ddos-github

======
zhufenggood
Baidu's javascript cdn is being Hack by national firewall, inject these js
script. If other webseit include some javascript library from Baidu's
javascript CDN will auto run js script that will DDOS attack Github. The
Attack js script is here:

[https://gist.github.com/zhufenggood/7bb040b1effb71d14bcc](https://gist.github.com/zhufenggood/7bb040b1effb71d14bcc)

Here is deobfuscate version using
[http://jsbeautifier.org/](http://jsbeautifier.org/)

[https://gist.github.com/zhufenggood/6a38c2a2b2185977b3cb](https://gist.github.com/zhufenggood/6a38c2a2b2185977b3cb)

Github notice that, it replace that DDOS http request respond with a
alert("WARNING: malicious javascript detected on this domain").

That is why some Chinese guy gets a weird pop-up with English text when
visiting Chinese websites

------
wzyboy
Some Chinese guy gets a weird pop-up with English text when visiting Chinese
websites. A deeper investigation reveals that China's national firewall (GFW)
is hijacking some popular JavaScripts to DDoS GitHub.

