The recent attack targeting the website of the New York Times was the latest effort by the Syrian Electronic Army (SEA), which aims to compromise the websites of major media outlets and social networks.
But according to a disturbing new report, individuals who attempted to visit the New York Times website during its recent outage may have been exposed to malware.
[The SEA was]… able to change the records so that rather than pointing to nytimes.com, for example, the Times’ name servers pointed to a domain controlled by the attackers. Officials at CloudFlare, a cloud hosting provider that was involved in the effort to counter the attack, said that the domain to which visitors were redirected was serving malware.
Threatpost, a trusted cybersecurity website, explains that Cloudflare ultimately helped the New York Times emerge from this cyber attack, which began when MelbourneIT, the registrar the Times, was targeted and soon compromised.
“This was a very spooky attack,” says Matthew Prince, CEO of CloudFlare. “MelbourneIT is known for having higher security than most registrars. We are hopeful that they will post the details of the attack as they are discovered so organizations can understand the threat and how to better protect themselves.”