Pastebin is a third-party website that allows users to share text and source code. The site currently has 17 million unique monthly users. Why?
There are many similar pastebin-like web applications that have developed since the original Pastebin was launched in 2002. The need for Pastebin rose out of user activity on the Internet Relay Chat (IRC). IRC is an instant messaging application launched in 1988. It’s designed for a large user base to communicate in real-time, and is popular for sharing plain text, including blocks of source code.
Code sharing directly in IRC channels (and other messaging applications) disrupts the flow of messages or can alter the code itself. Users require a third-party site where they can share plain text as a link, allowing other users to easily access and edit it. Enter: Pastebin.
What do people share on Pastebin?
The most common use of Pastebin is for code sharing. However, any data in text form can be uploaded and shared on the site. Users can use the Pastebin search tool to find relevant content based on keyword. The following are some examples of text shared on Pastebin:
- As an alternative to applications like Google Docs for sharing text.
- Twitter users sharing updates longer than the 140 character limit often tweet a Pastebin link with the complete text.
- Uploading source code for the purpose of sharing or review/collaboration.
- Spam/site promotion
- Re-publishing text that has been removed from other sites
- Sharing dark web links
- Publicizing breached data and sensitive information
Why Do Hackers Love Pastebin?
As it might be clear from the list above, Pastebin is often used for nefarious purposes. In fact, the site was sold to its current owner Jeroen Vader in 2009 after the site was shut down due to a Hotmail data breach.
Pastebin’s FAQ page currently prohibits posting:
- Email addresses and password lists
- Login details
- Stolen source code
- Hacked data
- Copyrighted information
- Banking, credit card, or financial information
- Personal information
- Pornographic information
- Spam links, including site promotion
These frequently reported items represent how Pastebin is used by hackers with adverse motives. The site is user-friendly, supports large text files, doesn’t require user registration, and allows for anonymous posting if the user has a VPN. Pastebin also relies on users for its abuse report system, which means non-compliant pastes are not always flagged or removed immediately. All of this makes Pastebin a popular platform for black hat hackers.
What Has Been Leaked on Pastebin?
Given the content of nefarious pastes on the site, it’s no surprise that Pastebin has been involved in a number of headline-worthy leaks.
In October 2014, Sony Pictures’ computer systems were hacked by a group known as Guardians of Peace (GOP). The hack breached a large amount of data, including employee information for over a million individuals, upcoming production details, and music codes. Pastebin was inundated with traffic as links to this information were uploaded.
Another hacker group known as LulzSec leaked the user base of Infragard, an FBI affiliate based in Atlanta, on Pastebin. 180 of Infragard’s logins were exposed, as well as email communications that revealed sensitive intel about a U.S. operation to control Libyan cyberspace.
Google vs. Facebook
Pastebin’s highest ever traffic volume occurred in May 2011 after a user posted email correspondence between a Facebook-backed PR agency and Chris Soghoian, an internet security blogger. In the emails, the agency declined to disclose their client (Facebook), and pitched an anti-Google op-ed piece questioning Google’s user privacy standards.
Pastebin and Beacon
Pastebin is a valuable data source for cybersecurity teams and public safety officials seeking threat intelligence. Information linked to security breaches, doxxing or personal information leaks, hacked financial data, and stolen source code is all useful for investigating cybercrimes and mitigating threats.
Despite the volume of useful threat intelligence available on Pastebin, it’s not always easy to find. Pastes aren’t always indexed by search engines such as Google, and finding relevant pastes using Pastebin’s keyword search is difficult unless you know exactly what you’re looking for. Pastes might also be taken down by the time you are able to find their links.
The dark web isn’t the only place with relevant intel for threat detection. Open websites like Pastebin have become popular sites for hackers to breach sensitive information. Being able to quickly and easily access this information requires advanced threat discovery tools.
Book a demo today and see how Beacon can streamline your cyber investigations process.