Facebook's login system is being hijacked by China's Great Firewall

Source: 
Coverage Type: 

For the last three days, China's Great Firewall has been intercepting the Javascript module from Facebook Login, which allows third-party sites to authorize users through Facebook infrastructure. First reported on April 26, the attack causes sites using Facebook Login to redirect to a third-party page for many web users in China. "This behavior is occurring locally and beyond the reach of our servers," a Facebook spokesperson said. "We are investigating the situation." Because the code is intercepted within China's national telecommunications infrastructure, only users located in China (and accessing the web without a VPN) will be affected.

The attack can also be avoided by disabling Javascript, since the inserted code runs as a Javascript applet. Readers in China have confirmed that the redirection attack was still under way as of April 28. Local media in Beijing has also reported on the problem. The Great Firewall began intercepting the Facebook Login applet, replacing it with a new single-line redirection code from two third-party sites. The result is that, for non-VPN users in China, any page with a Facebook Login button has been redirecting to two sites: wpkg.org or ptraveler.com, an open-source software project and a personal travel blog respectively. It's unclear why the Chinese government would want to send users to these sites, although ptraveler.com seems to have been brought down by the flood of traffic.


Facebook's login system is being hijacked by China's Great Firewall China is Hacking Facebook With This One Weird Trick (FastCompany)