The attacks appear to be linked to a petition created on WhiteHouse.gov
On January 26, for around one hour, man-in-the-middle (MitM) attacks were launched against Chinese users who attempted to access GitHub.According to GreatFire.org, the attacks most likely came in response to a petition made on the previous day on the website of the US White House. The petition asks the Obama administration to ban the ones responsible for building the Great Firewall of China from entering the country.
So what’s the connection between the petition on WhiteHouse.gov and GitHub?
The initiators of the petition urge users to visit a GitHub paste which contains the names of those responsible for the Great Firewall of China.
It’s believed that some of the individuals whose names are on the list have attempted to block users from accessing it by launching the MitM attacks. Users who disregarded the warnings displayed by their browsers and installed the rogue certificates, might have had their passwords stolen.
A few days prior to the incident, China had blocked GitHub completely, but authorities lifted the ban in response to protests.