How the Syrian Electronic Army took out the New York Times and Twitter sites
Once more, the Syrian Electronic Army (SEA), a pro-Syrian strongman Bashar al-Assad organization, has struck on the internet.
This time, SEA hit The New York Times (NYT), Twitter, and other popular sites. Unlike previous attacks that relied on phishing attacks to gain password information from the target site's authorized users, SEA is using the weak security of the internet's master address book, the Domain Name System (DNS), to re-route internet traffic from its real destination to SEA-controlled sites.
What the SEA did was mindlessly simple. It simply compromised Melbourne IT, an Australian DNS register reseller, with a phishing attack. Once it had its hands on the reseller's credentials, the group simply logged in and changed the NYT and Twitter domain name records — that is, their addresses as far as your web browser and other internet programs are concerned.