A phishing attack by the Syrian Electronic Army briefly took down the website of the New York Times and affected Twitter and the UK version of the Huffington Post Tuesday afternoon.
Melbourne IT, an internet services that provides a variety of services including web address registration, confirmed to The Desk that user credentials were compromised sometime on Tuesday. Those credentials gave unauthorized individuals access to various Domain Name Service records, including a record belonging to the New York Times website NYTimes.com
“We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies,” Melbourne IT spokesman Tony Smith said in a statement reeled to The Desk.
In a series of Twitter posts on Tuesday, the Syrian Electronic Army claimed responsibility for attacks against the registration records of the New York Times as well as the Huffington Post UK and Twitter.com.
A hacker with the group who goes by the name “The Shadow” confirmed to The Desk that the SEA had compromised Melbourne IT.
The website of the New York Times as well as the newspaper’s smartphone and tablet apps suffered an outage for over four hours as a result of the compromise. Employees with the paper tweeted that their website was suffering from a “malicious external attack.”
Twitter issued a statement saying it was aware of some disruptions involving Twimg.com, the microblog’s photo sharing service. The Huffington Post did not appear to have been outwardly affected by the cyber attack.
The Syrian Electronic Army has compromised several Twitter accounts and mobile applications belonging to international news organizations — mostly western — over the past several months. The most notable attack came in April when hackers compromised a Twitter account used by the Associated Press, publishing a message that claimed President Obama had been injured in an explosion at the White House. The tweet briefly caused the Dow Jones to drop 100 points before it became apparent that the information was false.
