The Syrian Electronic Army made a dramatic return this week, taking down the New York Times website and replacing it with a huge "Hacked by Syrian Electronic Army" banner.
The group also messed with the online domain listing for the paper, as well as Twitter.com, and the Huffington Post UK.
Around 4:30pm Eastern (9.30pm BST), the New York Times tweeted that its site was "experiencing technical difficulties. We are working on fully restoring the site." Minutes later, Eileen Murphy, vice president of corporate communications for the Times, said on her own Twitter feed that the "initial assessment [is that] issue is most likely result of malicious external attack."
Later, the Times said the outage was caused by "an online attack on the company's domain name registrar, Melbourne IT. The attack also forced employees of The Times to stop sending out sensitive e-mails."
Marc Frons, chief information officer for The New York Times Company, confirmed that the SEA was behind the attack, "or someone trying very hard to be them."
"Media is going down," the SEA posted on its Twitter feed around 5:40pm Eastern (10.40pm BST), with links to the Times and the UK Huffington Post. While a browser loading nytimes.com here was met with the SEA's message, huffingtonpost.co.uk loaded without issue, though Twitter.co.uk was having difficulty.
The Whois database listings for Twitter, HuffPo, and the NYT, however, were altered. Admin names and email addresses link to the SEA. "Hi @Twitter, look at your domain, its owned by #SEA :)" the SEA tweeted.
In a note posted to the Twitter status blog, the micro-blogging site said that its "DNS provider experienced an issue in which it appears DNS records for various organizations were modified, including one of Twitter's domains used for image serving, twimg.com. Viewing of images and photos was sporadically impacted. By 22:29 UTC, the original domain record for twimg.com was restored. No Twitter user information was affected by this incident."
By 5:50pm Eastern (10.50pm BST), it appears that the Whois databases had been reset; they were no longer showing SEA-related information.
The Syrian Electronic Army emerged in September. The hackers reportedly started attacking Western websites in retaliation for Innocence of Muslims, an anti-Islamic video that resulted in violent demonstrations in the Middle East. They have since been targeting news sites they believe are reporting news hostile to the Syrian government, including the Financial Times, The Guardian, the BBC, Reuters, and even The Onion. Chat apps like Tango and Viber were also attacked.
This latest round of attacks comes as the US plans for a missile strike against Syria, The Washington Post reported.
Earlier this month, The New York Times website was offline for several hours, but that was reportedly due to an internal issue, not a hack.