Facebook Connect Plugin Hijacks by The Great Cannon of China
From past few days, Internet Users in China are dealing with a weird redirection of traffic nationwide while accessing any website that makes use of connect.facebook.net resource
The two websites to which the traffic is being redirected:
- wpkg.org — A website for open source automated software deployment, upgrade, and removal program for Windows.
- ptraveler.com — A personal travel blog authored by a young couple of Poland.
"This behavior is occurring locally and beyond the reach of our servers," a spokesperson from Facebook told The Verge. "We are investigating the situation."
The Great Cannon:
The current attack is also intercepting a line of JavaScript from the Facebook Connect plugin and injecting a new line of code to redirect Chinese users to unrelated sites as the content passes through China's national web filters.
The Citizen Lab researchers have named this capability "The Great Cannon," a special cyber attack tool essentially capable of
hijacking Internet traffic at the national level and then direct that
traffic at targeted networks the attackers want to knock offline,
sending back spyware or malware, or using the target to flood another
website with traffic.
It is believed that Github's attackers used the Great Cannon as a DDoS attack tool to redirect the Internet traffic of visitors to Chinese search engine giant 'Baidu' or any website that used Baidu’s extensive Advertisement network in order to cripple the popular code-sharing website.
It is still unclear why these two sites would be a target for the Great Cannon and why Facebook is chosen to conduct the attack, which has been banned in China for years, and most immigrants in the country use a VPN to access Facebook.
No comments
Post a Comment