Facebook’s login system is being hijacked by China’s Great Firewall
It’s not the first time China has performed this kind of traffic interception. In March, a similar redirection was used to perform a denial-of-service attack on GitHub, apparently in retaliation for dissident content posted through the service. Since the new code is injected as content passes through China’s national web filters, there’s little doubt that the Chinese government is responsible for the attacks. The research group Citizen Lab has named the capability “The Great Cannon,” a play on the Great Firewall censorship filter.
It’s difficult to say why Facebook Login is being targeted, since the net effect for most users is simply to redirect the browser to an unrelated homepage. Facebook itself is officially blocked in China, although the block has been relaxed in recent years. Some have speculated that an injection attack like this could be used to spoof a Facebook login, but if such an attack is being carried out, it’s likely targeted to only a handful of users and effectively invisible on the network scale. It’s likely both sites have seen a huge uptick in traffic, but there’s no clear reason why these sites would be targets for the Great Cannon, or why Facebook would be the conduit for that attack.