China Is Hacking Facebook With This One Weird Trick

Sites using the Facebook Connect plug-in are seeing their traffic redirected in China. But nobody is sure why.

If you live in China, you may notice your web browser acting wonky today. Even if you don’t, this is still notable: Facebook is apparently under cyberattack in China, according to The Verge. And the tactic being used has users across the country scratching their heads.


Sites that use the Facebook Connect login widget (which is a ton of sites) are seeing their traffic hijacked and redirected to two websites: the home of an open source software management tool, and a personal travel blog authored by a couple from Poland.

The attack is apparently targeting a line of JavaScript used by the Facebook Connect plug-in and injecting it with a line of code that redirects the user to either of these unusual third-party websites.

As The Verge explains:

Since the new code is injected as content passes through China’s national web filters, there’s little doubt that the Chinese government is responsible for the attacks. The research group Citizen Lab has named the capability “The Great Cannon,” a play on the Great Firewall censorship filter.

It’s difficult to say why Facebook Connect is being targeted, since the net effect for most users is simply to redirect the browser to an unrelated homepage.

Last month, GitHub found itself at the receiving end of the largest DDoS attack in the site’s history. The attack, which lasted for several days, flooded the code repository with traffic from China-based sources using a similar JavaScript-hijacking method.

This latest redirection attack has caught the attention of users in China, who are unsure of what to make of it.

Writes The Beijinger:


What’s odd is that it seems that the redirect does not happen consistently on every page of every site, and sometimes there is a delay before the redirect. Using a VPN does not stop the weirdness, some users report.

There does not seem to be any significance of the sites that are receiving the redirects.

For now, the redirects appear to still be in place. Meanwhile users on Reddit are and how to get around it. Pretty weird.

About the author

John Paul Titlow is a writer at Fast Company focused on music and technology, among other things.