DDoSers attack DoubleClick

And now for an ad break

Internet ads firm DoubleClick was the victim of a distributed denial of service attack yesterday.

A flood of malicious traffic from a network of zombie machines reduced DoubleClick's ability to serve ads over the Web, affecting many of its high-profile customers. Services have now been restored to normal. But at the height of the assault yesterday afternoon (UK time) the availability of Web pages featuring ads served by DoubleClick was severely reduced.

Website hit particularly hard included Nortel Networks, Gateway, CNN.com and Schwab.com and The Washington Post. Admins had to stop DoubleClick's ads from running on their sites in order to make the rest of their content accessible. DoubleClick's own website was also hit by the assault.

DoubleClick spokeswoman Jennifer Blum said the attack targeted the firm's domain name servers (DNS) causing "severe service disruptions" for all 900 customers, the The Washington Post reports. The attack ran from approximately 10:30 EDT to 14:00 EDT.

The Washington Post compares the assault on DoubleClick to a recent brownout of sites served by content distribution firm Akamai. Akamai blamed a software glitch for problems that rendered a variety of high-profile websites and services temporarily unavailable for approximately 90 minutes on 24 May. A better comparison for the attack against DoubleClick might be a DDoS assault against Internet payments firm WorldPay last November.

Many such attacks originate from a network of hosts compromised by viruses such as MyDoom and Phatbot. These turn infected machines into zombie drones under the control of virus writers or their accomplices. Owners of these zombie PCs are often ignorant of the involvement of their computers in attacks, which are growing more sophisticated.

A simple DDoS attack is relatively straightforward to block, but some tools allow hackers to launch 'mutating attacks' against targeted systems. By running through a spectrum of attacks it's possible to keep a site locked down for hours, or even days. ®

Related stories

Search drives US online ad sales
WorldPay fights 'massive, orchestrated' attack
WorldPay recovers from massive attack
Akamai software glitch provokes Web brownouts
Cybercops seize Russian extortion masterminds (suspects in DDoS attacks against online bookies)
Bagle copycat builds Zombie attack network
Phatbot arrest throws open trade in zombie PCs
Microsoft attack worm rides on the back of MyDoom

Sponsored: Designing and building an open ITOA architecture