#RefRef is a Perl-based DoS attack tool developed by the Hacktivist group ‘Anonymous’ that uses a vulnerability in MySQL to perform an SQL injection involving the MySQL BENCHMARK() function. #RefRef abuses the BENCHMARK () function which allows for the repeated execution of an expression in order to exhaust a targeted server’s resources.

Unlike LOIC (a network stress testing tool whose use to level DDoS attacks was popularized by Anonymous), #RefRef does not require a vast number of machines in order to take down a server due to the nature of its attack vector. If the server’s backend uses MySQL and is vulnerable, few machines are needed to cause a significant outage. A 17-second attack from a single machine on July 29th, 2011 was able to bring Pastebin offline for 42 minutes.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center