abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfiltergenderglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalityweb
Article

6 Sep 2019

Author:
Jane Li, Quartz

Hong Kong protestor site accused Baidu and Qihoo of cyber attacks; cybersecurity expert said attacks initiated by Chinese websites were unlikely

“A Hong Kong protester site says cyber attacks against it piggy-backed off China’s Baidu”, 2 September 2019

… LIHKG, the de facto online headquarters for protestors, who use the website to exchange tips and comments about the movement, said it came under an “unprecedented” distributed denial of service, or DDoS, attack on Aug. 31, with the episode leading to denied access to the website for some of its users. DDoS is a form of cyber attack that floods a targeted machine or server with so many requests the system gets overloaded and can’t fulfill some or all legitimate requests from actual users.

“We have reasons to believe that there is a power, or even a national level power behind to organize such attacks as botnet from all over the world were manipulated in launching this attack,” the website, which is run by anonymous operators, announced in a post…

The forum identified two Chinese websites as being among those involved in the attack, including Baidu Tieba, an online forum under Baidu, the largest search engine in China, and qihucdn.com, which some LIHKG users believe belongs to Qihoo360, a Chinese internet security firm. Baidu declined to comment, while Qihoo360 did not reply to a request for a comment.

K, a cybersecurity expert… said his diagnosis shows the attacks were unlikely initiated by Baidu and the other Chinese websites themselves. Rather, he suspects the attacks happened because the websites were perhaps “compromised” through some malicious Javascript inserted in their content delivery network (CDN), a system of distributed servers that deliver pages and other web content to users. According to K, the “compromised” scripts could effectively lead to the computers of anyone that visits the affected Chinese websites to launch the DDoS attack on LIHKG.

It is unclear whether Baidu or Qihoo is aware of the issue, or which organization might have inserted malicious scripts into the servers, he added…[Also referred to Telegram, Twitter, Github]

Timeline

Privacy information

This site uses cookies and other web storage technologies. You can set your privacy choices below. Changes will take effect immediately.

For more information on our use of web storage, please refer to our Data Usage and Cookies Policy

Strictly necessary storage

ON
OFF

Necessary storage enables core site functionality. This site cannot function without it, so it can only be disabled by changing settings in your browser.

Analytics cookie

ON
OFF

When you access our website we use Google Analytics to collect information on your visit. Accepting this cookie will allow us to understand more details about your journey, and improve how we surface information. All analytics information is anonymous and we do not use it to identify you. Google provides a Google Analytics opt-out add on for all popular browsers.

Promotional cookies

ON
OFF

We share news and updates on business and human rights through third party platforms, including social media and search engines. These cookies help us to understand the performance of these promotions.

Your privacy choices for this site

This site uses cookies and other web storage technologies to enhance your experience beyond necessary core functionality.