table of Contents
The beginning of the event
Hello everyone, ip sauce the night when the code line and found many github pages can not access the service, encounter https certificate error. Initially speculated, it could be a man in the middle attack (English: Man-in-the-middle attack, abbreviation: MITM) 1 .
Recalling the incident
As of posting time ip sauce, github has returned to normal. However, IP sauce Grilled still want to look at this thing immature.
-
Really helpless, IP sauce staying up late to catch the project, suddenly found omix documents inaccessible, vant-weapp the github page inaccessible. (This figure comes from oschina, the author himself is a Firefox browser, not enough time to capture prompt interface)
-
But I shot a certificate, I do not know Shashi Hou became COM verifier
-
View certificate details, this is the signature forgot to change the mailbox? Or deliberately falsified
-
I tried to search this QQ
to sum up
The rule of law, allow Haier mess.
See these comments, I do two kinds of speculation,
- The attacker was a dabbler, forgot to change the mailbox, careless exposure
- The owner of this qq is nothing but a scapegoat, fraudulent use qq-mail
The recovery is fairly quick, as of 9:30 am github have normal access
13:11 update
This is not over, chose a mailbox, a bit mean, ha ha