Also, the website that people are being redirected to could also be engineered to check if visitors have unpatched software vulnerabilities that could be used to infect their computers with malware.
Since the websites in this attack have high traffic, "you can infect millions of people in minutes," Ulevitch said.
The SEA's website is based in Russia, said Jamie Blasco, director of AlienVault. That website was not responding, which was likely the result of an overwhelming amount of redirected traffic. The SEA could not immediately be reached for comment.
Eileen M. Murphy, vice president of corporate communications for the New York Times, said the newspaper's website appeared down to people browsing from within the U.S. but was working for those outside the country.
"We're working on resolving it as we speak," Murphy said.
Twitter said one of its domains used for serving images, twimg.com, was affected starting at 20:49 UTC and disrupted the viewing of some images. The domain was restored at 22:29 UTC, Twitter wrote in a service update.
"No Twitter user information was affected by this incident," the company said.
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk