On March 25, Baidu traffic began hitting a pair of URLs hosted on GitHub and causing temporary disruptions of the service.
“We are currently experiencing the largest DDoS attack in github.comâ€™s history,â€ the company announced. â€œThe attack involves a wide combination of attack vectors. These include every vector weâ€™ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic.â€
The URLs link to two projects created to combat censorship in China, which raises suspicions over the source of the attack.
Based on reports weâ€™ve received, we believe the intent of this attack is to convince us to remove a specific class of content,â€ Jesse Newland wrote on the GitHub blog on Saturday.
GitHub has managed to successfully mitigate the attack several times and, 118 hours later, it seems to have stopped.
â€œThe ongoing DDoS attack has shifted again to include Pages and assets. We are updating our defenses to match,â€ the GitHub status page reports.
Baidu denied involvement in the attack, and says its own internal security hasn’t been compromised. â€œAfter careful inspection by Baiduâ€™s security engineers, we have ruled out the possibility of security problems or hacker attacks on our own products,â€ the company told Ars Technica.