Pastebin adds 'Burn After Read' and 'Password Protected Pastes' to the dismay of the infosec community

Pastebin, the most popular website where users can share small snippets of text, has added two new features today that cyber-security researchers believe are going to be widely and wildly abused by malware operators.


Named "Burn After Read" and "Password Protected Pastes," the two new features allow Pastebin users to create pastes (pieces of text) that expire after a single read or pastes that are protected by a password.


Neither of the two features is original, as both have been present on many paste sites for years.


However, they are new to Pastebin, which is by far today's most popular paste portal and ranks in the Alexa Top 2,000 most popular sites on the internet.


Pastebin has been abused in malware operations


As with anything popular, this has also attracted a lot of bad content that has been hosted on the platform. While some people use it to host pieces of code or text they want to share with a colleague, over the past decade, Pastebin has also turned into a de facto hosting service for malicious code.


Across the years, malware authors have used Pastebin to store malicious commands that they retrieve and run on infected hosts, hacked data, IP addresses for malware command and control servers, and many other operational details.


Ted Samuels, an incident response (IR) consultant, told ZDNet today that it's hard to put a number or percentage on Pastebin's presence in malware operations, but described it as "not uncommon."

"Pastebin is by far the most prolific 'paste site' and fairly popular staging ground for fileless attacks using PowerShell. For example, a threat actor's initial payload ma ..
