#RefRef is a Perl-based DoS attack tool developed by the Hacktivist group ‘Anonymous’ that uses a vulnerability in MySQL to perform an SQL injection involving the MySQL BENCHMARK() function. #RefRef abuses the BENCHMARK () function which allows for the repeated execution of an expression in order to exhaust a targeted server’s resources.
Unlike LOIC (a network stress testing tool whose use to level DDoS attacks was popularized by Anonymous), #RefRef does not require a vast number of machines in order to take down a server due to the nature of its attack vector. If the server’s backend uses MySQL and is vulnerable, few machines are needed to cause a significant outage. A 17-second attack from a single machine on July 29th, 2011 was able to bring Pastebin offline for 42 minutes.