The hacking team suspected of infiltrating New York Times computers for four months has resurfaced with new attack tools after months of lying low, security researchers said.

The group, commonly known as APT 12, has for years engaged in a series of computer intrusions designed to obtain sensitive information from government agencies, military contractors, journalists, and others. According to a blog post published Monday by research firm FireEye, the gang went silent after the exposure of the four-month hacking campaign, which the NYT said was in response to a story critical of the family of Chinese prime minister Wen Jiabao.

Now the group is back, this time attacking an unidentified "organization involved in shaping economic policy," Monday's report said. In addition to hitting a new target, the group also used an updated hacking tool from the Backdoor.APT.Aumlib and Backdoor.APT.Ixeshe malware families.

"We cannot say for sure whether the attackers were responding to the scrutiny they received in the wake of the episode," the researchers wrote. "But we do know the change was sudden. Akin to turning a battleship, retooling [techniques and procedures] of large threat actors is formidable. Such a move requires recoding malware, updating infrastructure, and possibly retraining workers on new processes."

Previously, Aumlib and Ixeshe hadn't been updated since May 2011 and December 2011 respectively, FireEye said.

The updates may make it easier for the tools to evade intrusion detection services deployed to block hack attacks. Companies should make sure signatures are updated so the systems will flag the latest versions.