Chinese Internet users are complaining that when they visit any website that contain "Login with Facebook" or "Connect with Facebook" buttons (which is being used by a vast number of sites), they automatically redirect to unrelated websites.
The two websites to which the traffic is being redirected:
- wpkg.org — A website for open source automated software deployment, upgrade, and removal program for Windows.
- ptraveler.com — A personal travel blog authored by a young couple of Poland.
"This behavior is occurring locally and beyond the reach of our servers," a spokesperson from Facebook told The Verge. "We are investigating the situation."
Is Chinese Government responsible for the attack?
At the moment, it isn't clear if Facebook traffic intercepting is backed by Chinese government or it's the result of some organized cyber attack, although ptraveler.com appears to have been brought down by the flood of redirected traffic.
However, this tactic sounds very similar to the one that the Chinese officials recently used against the popular code sharing website Github, so there is doubt that the Chinese government is responsible for the cyber attack.
At the end of last month, similar redirection was used to launch a massive distributed denial of service (DDoS) attack against Github, apparently in response to dissident content posted by the open source service.
The Great Cannon:
The Citizen Lab researchers have named this capability "The Great Cannon," a unique cyber attack tool capable of hijacking Internet traffic at the national level and redirect that traffic to targeted networks the attackers want to knock offline.
It is still unclear why these two sites would be a target for the Great Cannon and why Facebook is chosen to conduct the attack, which has been banned in China for years, and most immigrants in the country use a VPN to access Facebook.