Skip to main content

DDoS attack hits GitHub after Chinese police force developer to remove code

Image used with permission by copyright holder
GitHub has fallen prey to a DDoS attack this week, allegedly perpetrated by Chinese actors, in response to tools available on the site that would help users circumvent censorship.

On Tuesday the site found that it was under attack from malicious sources, following a similar tirade against the site in March of this year. This time, though, the attacks have been much more intense.

GitHub was supposedly targeted because the code repository hosts many different tools and resources for bolstering security and undermining censorship measures in countries like China. As a result it is believed that China-based attackers flooded the site with fake traffic to deny service to legitimate users., which regularly tracks sites blocked in China by the “Great Firewall,” reports that the open source project ShadowSocks, which calls itself a “secure socks5 proxy, designed to protect your Internet traffic” similarly to VPNs, has since been pulled from GitHub.

GitHub user, clowwindy, who is reportedly the developer of the protocol. claims the police told him or her to remove the code.

“Two days ago the police came to me and wanted me to stop working on this. Today they asked me to delete all the code from GitHub. I have no choice but to obey. I hope one day I’ll live in a country where I have freedom to write any code I like without fearing,” clowwindy wrote in a now-deleted comment. The ShadowSocks code has since been mirrored by other users and can be found on GitHub. also says a similar anti-censorship tool called GoAgent was removed from the site.

GitHub initially struggled to recover the site from this latest attack and return to normal operations, but on August 26 at midnight GMT, the site reported that everything was running 100 percent. That’s a much quicker recovery than in March, when a similar attack took the site down for nearly a week.

The graphic below shows how the site was hit rapidly with traffic.

github traffic
Image used with permission by copyright holder

At this time, users are speculating that Chinese authorities are behind the demands that the code be removed or for the DDoS attack itself, but no one has specifically been blamed.

Today the VPN Astrill also reported that its service was being disrupted in China ahead of the country’s World War II anniversary celebrations in a bid to stamp out any dissent against the government online.

Editors' Recommendations

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
Cloudflare just stopped one of the largest DDoS attacks ever
Hands on a laptop.

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

The HTTPS DDoS attack was one of the largest such attacks ever recorded, and it came from unusual sources -- data centers.

Read more
Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more
Cloudflare reports a massive 175% increase in DDoS attacks
Person using laptop with security graphics in front.

Cloudflare, a web infrastructure and security company, has just released a report titled "DDoS Attack Trends for Q4 2021." According to Cloudflare, 2021 has been a particularly bad year in terms of DDoS attacks.

Ransom distributed denial of service (DDoS) attacks increased by over 175 percent quarter over quarter, highlighting the large scale of the problem described by Cloudflare.

Read more