NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Home > News > Security

July 30th, 2011, 10:27 GMT · By Lucian Constantin

Anonymous Develops New Denial of Service Tool

Adjust text size:

New Anonymous DDoS tool exploits SQL vulnerability

Anonymous supporters are building a new denial of service tool which is said to exploit SQL vulnerabilities to support the group's future campaigns.

According to The Tech Herald which spoke with its creators, the new tool is called RefRef and is developed in JavaScript. This means that it works in any modern browser on any operating system, including those in smartphones and tablets.

The tool is very effective, a 17-second attack from a single machine resulting in a 42-minute outage on Pastebin yesterday.

As expected, the Pastebin admins weren't very happy with their platform being used for such tests and tweeted "Please do not test your software on us again."

The effectiveness of RefRef is due to the fact that it exploits a vulnerability in a widespread SQL service. The flaw is apparently known but not widely patched yet.

The tool's creators don't expect their attacks to work on a high-profile target more than a couple of times before being blocked, but they don't believe organizations will rush to patch this flaw en masse before being hit.

This means there are a lot of possible targets out there that will be hit at least once. "This tool only makes you vulnerable if you don't keep your systems patched, perform the basic security, which is how Sony got caught with it's pants down," the RefRef developers said.

The tool works by turning the servers against themselves. It sends malformed SQL queries carrying the payload which in turn forces the servers to exhaust their own resources. However, the tool's GUI does have a field for inputting the refresh interval so it might combine traditional forms of HTTP hammering with the new technique.

Anonymous currently uses a tool called Low Orbit Ion Canon (LOIC) in their DDoS campaigns. This tool is voluntarily run by supporters on their machines and can refresh a target page continuously or become part of a botnet, a feature known as the hivemind.

Some security experts have been skeptical that the success of Anonymous's DDoS attacks can be explained through LOIC alone. They proposed that some of the group's supporters also have access to botnets, a theory that has partially proven to be correct.

Update August 1, 2011: Corrected the duration of the test attack against Pastebin. The original story said 17 minutes instead of seconds.

FILED UNDER:

TELL US WHAT YOU THINK:

3,339 hits · 2 comments · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

New URL Shortener Hijacks Browsers for DDoS

Anonymous DDoS Tool Gets Botnet Capabilities

FBI Investigation Targets Anonymous Attacks Against Koch Industries

FBI Cracks Down on Anonymous and LulzSec Members

READER COMMENTS:

Comment #1 by: ChesterD on 30 Jul 2011, 14:56 UTC	reply to this comment
the Tech Herald article says 17 seconds in the first paragraph after their screenshot and you're saying 17 minutes. so who is right ?

Comment #1.1 by: Lucian Constantin on 01 Aug 2011, 09:53 GMT

The Tech Herald article is correct. It is seconds, not minutes. I have amended our story. Thanks for spotting and reporting the error.

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use