DoubleClick blacks out from Web attack

The outage, first noticed at about 7 a.m. PDT, stemmed from a denial-of-service (DoS) attack that targeted DoubleClick's domain name server (DNS) system. The attack originated from "outside sources" that caused service disruption for DoubleClick's ad service clients, according to company spokeswoman Jennifer Blum.

"The vast majority is up and running," Blum said in an interview of the company's network of services that were affected by the attack. However, there are still some clients that are experiencing service outages.

"We are working on it, and we have notified the proper people," Blum added. She declined to elaborate on which law enforcement bodies are involved in the investigation.

DoS attacks involve flooding a Web site's servers with packets of information or sending streams of requests for information. As a result, servers cannot handle the load and shut down, causing blackouts that last for hours and sometimes for days. In this case, according to DoubleClick, the attackers targeted its DNS servers, which translate word-based Web addresses, such as www.doubleclick.com, into numeric Internet addresses.

Many of these attacks originate from viruses that use "zombie" PCs to attack sites from multiple locations. Owners of these zombie PCs often have no idea that their computers were involved in attacks, since the viruses are good at hiding themselves on systems.

Today's attack comes a day after a variant of the MyDoom worm hit popular search engines, including Google, Yahoo, AltaVista and Lycos, causing slowdowns and brief outages. Dubbed MyDoom.M and MyDoom.O, the worm infected e-mail in-boxes and then flooded these Web sites with search requests.

DoubleClick joins Internet infrastructure company Akamai as targets for DNS attacks. In June, a DoS attack targeting Akamai's DNS servers caused brief blackouts among the company's biggest clients, including Google, Yahoo, Microsoft and Apple Computer.