Chinese government’s Great Cannon tool injecting a weird code that redirects Facebook users to different website.
Facebook users in China are facing a weird situation for past two days. Whenever they try to visit Facebook, they are either taken a website called wpkg.org or another ptraveler.com.
Facebook is apparently under attack from the Great Cannon, the hacking and censuring tool clandestinely used by the Chinese government. The hack attack follows a simple method, redirect and confuse users so that they dont visit Facebook.
Even the sites that are using Facebook Connect login widget are not spared. Sites using the Facebook Connect login widget are seeing their traffic hijacked or redirected to the above two websites. Incidentally, neither of the above two sites have any remotest connection with the PLA or the Chinese governement;Â wpkg.org, the home of an open source software management tool, and ptraveler.com is a personal travel blog authored by a couple from Poland.
The attack is apparently carried out by targeting a line of JavaScript used by the Facebook Connect plug-in and injecting it with a line of code that redirects the user to either of these unusual third-party websites.
Since the new code is injected as content passes through China’s national web filters, there’s little doubt that the Chinese government is responsible for the attacks.
According to the report by Citizen Labs, Chinese attackers used the Great Firewall’s offensive sister-system, named the Great Cannon, to launch a recent series of distributed denial of service attacks targeting the anti-censorship site, GreatFire.org, and the global code repository, Github.
And as desired by the hackers, this Facebook redirection has left Chinese users scratching their head. A Chinese Facebook user said that the redirect does not happen consistently on every page of every site, and sometimes there is a delay before the redirect.
Some Facebook users in China reported that they are facing the redirections even using a VPN.
