<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=254990494906321&amp;ev=PageView&amp;noscript=1">

What is Pastebin and Why Do Hackers Love It?

Alex Ciarniello September 24, 2019

Pastebin is a third-party website that allows users to share text and source code. The site currently has 17 million unique monthly users. Why?

There are many similar pastebin-like web applications that have developed since the original Pastebin was launched in 2002. The need for Pastebin rose out of user activity on the Internet Relay Chat (IRC). IRC is an instant messaging application launched in 1988. It’s designed for a large user base to communicate in real-time, and is popular for sharing plain text, including blocks of source code. 

Learn more about dark web threat intelligence and darknet data

Code sharing directly in IRC channels (and other messaging applications) disrupts the flow of messages or can alter the code itself. Users require a third-party site where they can share plain text as a link, allowing other users to easily access and edit it. Enter: Pastebin.

What do people share on Pastebin?

sharing source code on pastebin sites

The most common use of Pastebin is for code sharing. However, any data in text form can be uploaded and shared on the site. Users can use the Pastebin search tool to find relevant content based on keyword. The following are some examples of text shared on Pastebin:

  • As an alternative to applications like Google Docs for sharing text.
  • Twitter users sharing updates longer than the 140 character limit often tweet a Pastebin link with the complete text.
  • Uploading source code for the purpose of sharing or review/collaboration.
  • Spam/site promotion
  • Re-publishing text that has been removed from other sites
  • Sharing dark web links
  • Publicizing breached data and sensitive information

New call-to-action

Why Do Hackers Love Pastebin?

As it might be clear from the list above, Pastebin is often used for nefarious purposes. In fact, the site was sold to its current owner Jeroen Vader in 2009 after the site was shut down due to a Hotmail data breach.

Pastebin’s FAQ page currently prohibits posting:

  • Email addresses and password lists
  • Login details
  • Stolen source code
  • Hacked data
  • Copyrighted information
  • Banking, credit card, or financial information
  • Personal information
  • Pornographic information
  • Spam links, including site promotion

These frequently reported items represent how Pastebin is used by hackers with adverse motives. The site is user-friendly, supports large text files, doesn’t require user registration, and allows for anonymous posting if the user has a VPN. Pastebin also relies on users for its abuse report system, which means non-compliant pastes are not always flagged or removed immediately. All of this makes Pastebin a popular platform for black hat hackers.

What Has Been Leaked on Pastebin?

credit card information shared on pastebin sites

Given the content of nefarious pastes on the site, it’s no surprise that Pastebin has been involved in a number of headline-worthy leaks. 

Sony Pictures

In October 2014, Sony Pictures’ computer systems were hacked by a group known as Guardians of Peace (GOP). The hack breached a large amount of data, including employee information for over a million individuals, upcoming production details, and music codes. Pastebin was inundated with traffic as links to this information were uploaded.

Infragard

Another hacker group known as LulzSec leaked the user base of Infragard, an FBI affiliate based in Atlanta, on Pastebin. 180 of Infragard’s logins were exposed, as well as email communications that revealed sensitive intel about a U.S. operation to control Libyan cyberspace.

New call-to-action

Google vs. Facebook

Pastebin’s highest ever traffic volume occurred in May 2011 after a user posted email correspondence between a Facebook-backed PR agency and Chris Soghoian, an internet security blogger. In the emails, the agency declined to disclose their client (Facebook), and pitched an anti-Google op-ed piece questioning Google’s user privacy standards.

Pastebin and Beacon

email laptop message man

Pastebin is a valuable data source for cybersecurity teams and public safety officials seeking threat intelligence. Information linked to security breaches, doxxing or personal information leaks, hacked financial data, and stolen source code is all useful for investigating cybercrimes and mitigating threats.

Despite the volume of useful threat intelligence available on Pastebin, it’s not always easy to find. Pastes aren’t always indexed by search engines such as Google, and finding relevant pastes using Pastebin’s keyword search is difficult unless you know exactly what you’re looking for. Pastes might also be taken down by the time you are able to find their links.

Search the dark web with Beacon

These challenges necessitate a tool that can search for relevant data on open websites such as Pastebin. Beacon is an open source dark web discovery tool that also indexes open websites like Pastebin. Users can search unindexed content on the deep and dark web by keyword and other search filters, such as site type, username, and date crawled. Relevant pastes are easier and faster to find—and if they’ve been removed by moderators, the content is still viewable within Beacon, as long as retaining that paste is in compliance with Pastebin’s terms of use.

The dark web isn’t the only place with relevant intel for threat detection. Open websites like Pastebin have become popular sites for hackers to breach sensitive information. Being able to quickly and easily access this information requires advanced threat discovery tools.

 

Book a demo today and see how Beacon can streamline your cyber investigations process.

BOOK A DEMO

 

THE INTEL

Quarterly updates, news and opinionGET THE INTEL

READ MORE

New call-to-action
New call-to-action
New call-to-action
New call-to-action