
Pastebin may have just doomed us all


Pastebin allows users to share small snippets of text online, but two new features recently added to the service have left the cybersecurity community concerned that they could make it easier to disguise malware operations.

The two new features, named “Burn After Read” and “Password Protected Pastes”, allow the service's users to create pastes that expire after being read once as well as pastes that are password protected. While new to Pastebin, these features have existed on many other paste sites for years. However, Pastebin is the largest paste site on the internet by far with 18m monthly visitors, according to ExpandedRamblings.

As the service has grown in popularity, it has turned into a place where cybercriminals can easily host their malicious code online to be used by others in cyberattacks. Over the past decade, Pastebin has increasingly been used by cybercriminals who use the service to store malicious commands, hacked data, IP addresses for C&C servers and other operational details.

In order to counteract the ways in which cybercriminals are misusing the service, cybersecurity firms have created tools capable of scraping new Pastebin entries to search for malicious or sensitive content as soon as it is uploaded on the site. Once found, these malicious pastes are indexed in private threat intel databases and are also reported to the service in order to have them taken down.

Burn After Read and Password Protected Pastes

By adding its new Burn After Read and Password Protected Pastes features, Pastebin will effectively make it harder for security researchers to prevent malware from ending up on the service.

Over the years, security researchers and Pastebin have had their share of disagreements over how the service can be used by cybercriminals. Back in April of this year, Pastebin wanted to discontinue its Scraping API, which security researchers use to detect new content being uploaded to the service. Thankfully though, Pastebin decided not to follow through with its plan to discontinue the API following massive backlash and media coverage.

In a tweet, Pastebin made the case that the new features will benefit security by giving users more control over who can see their pastes on its site.

While Pastebin does acknowledge that its new features may be abused by cybercriminals, the service has taken a number of steps to improve its security, including introducing a new Enterprise API subscription, partnering with global cybersecurity companies to protect its site, partnering with law enforcement agencies, and implementing Abuse Management and Threat Analysis teams who work closely with both law enforcement and industry partners.

Whether or not Pastebin will end up discontinuing Burn After Read and Password Protected Pastes is still unclear, but given the amount of backlash the service has already received regarding these features, this could end up being the case.

Via ZDNet

Date: 28 Sep 2020
