In most cases, sites responded slowly as they struggled to load DoubleClick banners. The Washington Post was among the sites that removed DoubleClick’s ad code from its pages until the attack concluded. DoubleClick uses at least four nameservers to direct traffic on its ad network.
The attack was similar in concept to a June 15 attack on Akamai, which also targeted DNS servers and caused downtime for major sites relying on Akamai’s network services. In both cases, attackers were able to focus their attacks on a service provider and use it to amplify the effect of their efforts.
Akamai cited a bot network of compromised servers as the culprit in the June 15 attacks. DoubleClick said it was taking steps to prevent a recurrence.