Although in those, they targeted using pretty close selectors and the payload was browser exploits with a very advanced dropper from what is essentially a big, supported modern malware construction kit. GCHQ used the same technique, but leveraged it to do a very different - and actually far more intrusive and destructive - thing.
This, by contrast, is a widely-targeted, fairly dumb DoS payload - but of course, not every DDoS has to be smart! Scale does all the work, and dropping malware, albeit relatively benign malware, en masse like this yields a lot of scale. This is particularly bad when there are potentially more personnel adapting it to evade defenses than there are personnel trying to defend against it: bravo to the GitHub security team!
This, by contrast, is a widely-targeted, fairly dumb DoS payload - but of course, not every DDoS has to be smart! Scale does all the work, and dropping malware, albeit relatively benign malware, en masse like this yields a lot of scale. This is particularly bad when there are potentially more personnel adapting it to evade defenses than there are personnel trying to defend against it: bravo to the GitHub security team!