Feeds

DDoSers attack DoubleClick

And now for an ad break

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Internet ads firm DoubleClick was the victim of a distributed denial of service attack yesterday.

A flood of malicious traffic from a network of zombie machines reduced DoubleClick's ability to serve ads over the Web, affecting many of its high-profile customers. Services have now been restored to normal. But at the height of the assault yesterday afternoon (UK time) the availability of Web pages featuring ads served by DoubleClick was severely reduced.

Website hit particularly hard included Nortel Networks, Gateway, CNN.com and Schwab.com and The Washington Post. Admins had to stop DoubleClick's ads from running on their sites in order to make the rest of their content accessible. DoubleClick's own website was also hit by the assault.

DoubleClick spokeswoman Jennifer Blum said the attack targeted the firm's domain name servers (DNS) causing "severe service disruptions" for all 900 customers, the The Washington Post reports. The attack ran from approximately 10:30 EDT to 14:00 EDT.

The Washington Post compares the assault on DoubleClick to a recent brownout of sites served by content distribution firm Akamai. Akamai blamed a software glitch for problems that rendered a variety of high-profile websites and services temporarily unavailable for approximately 90 minutes on 24 May. A better comparison for the attack against DoubleClick might be a DDoS assault against Internet payments firm WorldPay last November.

Many such attacks originate from a network of hosts compromised by viruses such as MyDoom and Phatbot. These turn infected machines into zombie drones under the control of virus writers or their accomplices. Owners of these zombie PCs are often ignorant of the involvement of their computers in attacks, which are growing more sophisticated.

A simple DDoS attack is relatively straightforward to block, but some tools allow hackers to launch 'mutating attacks' against targeted systems. By running through a spectrum of attacks it's possible to keep a site locked down for hours, or even days. ®

Related stories

Search drives US online ad sales
WorldPay fights 'massive, orchestrated' attack
WorldPay recovers from massive attack
Akamai software glitch provokes Web brownouts
Cybercops seize Russian extortion masterminds (suspects in DDoS attacks against online bookies)
Bagle copycat builds Zombie attack network
Phatbot arrest throws open trade in zombie PCs
Microsoft attack worm rides on the back of MyDoom

Choosing a cloud hosting partner with confidence

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The hidden costs of self-signed SSL certificates
Exploring the true TCO for self-signed SSL certificates, including a side-by-side comparison of a self-signed architecture versus working with a third-party SSL vendor.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.