Pastebin: And Its Purpose Is?

September 29, 2020

DarkCyber noted  “Pastebin Adds Burn After Read and Password Protected Pastes to the Dismay of the Infosec Community.”

Here’s the passage one of the DarkCyber researchers noted before sending the item to me:

Named “Burn After Read” and “Password Protected Pastes,” the two new features allow Pastebin users to create pastes (pieces of text) that expire after a single read or pastes that are protected by a password.

“And the purpose of pastesites is?” is a question the write up does not answer. On the surface, sharing snips of text seems innocent enough.

The write up notes:

While some people use it to host pieces of code or text they wanted to share with a colleague, over the past decade, Pastebin has also turned into a de-facto hosting service for malicious code.

There are some other interesting use cases too. Years ago, DarkCyber learned about pastesite flexibility in information provided by Recorded Future, the predictive analytics outfit. Among the more interesting functions of Pastebin in particular and the dozens of other text hosting outfits was providing ONION addresses for unusual and interesting Dark Web destinations, among other types of content.

There’s a common sense suggestion in the write up too: Block pastesites.

Some law enforcement and intelligence professionals have a passing interest in Pastebin and similar sites. Pastebin has an Abuse Management and Threat Analysis team ready to assist LE and intel professionals with their requests. Sometimes the requests require documents, authorizations, and explanations. Speedy response is possible. But how “speedy” is speedy? That’s another good question ignored by the write up.

Stephen E Arnold, September 29, 2020

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta