'Facebook Login' allegedly hijacked by the 'Great Firewall of China'
Posted by: Jon Ben-Mayor on 04/30/2015 12:12 PM
China's Great Firewall, which is the Chinese government's attempt to regulate the internet in Mainland China, is reported to be intercepting the JavaScript module used by Facebook Login. Facebook Login is meant to give third-party websites the ability to authorize users through Facebook infrastructure.
According to The Verge, the first interceptions of the Facebook Login applet were reported Sunday; the interception replaces the applet with a single line of redirection code. The result is that, for non-VPN users in China, any page with a Facebook Login button has been redirecting to two sites: wpkg.org or ptraveler.com, an open-source software project and a personal travel blog respectively.
It's unclear why the Chinese government would want to send users to these sites, although ptraveler.com seems to have been brought down by the flood of traffic. However, according to The Hacker News, this tactic sounds very similar to the one that Chinese officials recently used against the popular code-sharing website GitHub, so there is doubt that the Chinese government is responsible for the cyber attack.
Some are saying that this may be accidental, while one Reddit user says, "it is basically spoofing the google analytics DNS to load a malicious script which randomly redirects the user to this porn site."
The Register further explains that the attack involves an invisible button that loads on certain websites and notifies attackers of the device a victim is using before redirecting them to a malicious site.
No issues have been reported outside of China, but it is still interesting.