Pastebin’s new features concern infosec community

Catalin Cimpanu reports that Pastebin added new features that researchers fear and predict will be wildly abused:

Named “Burn After Read” and “Password Protected Pastes,” the two new features allow Pastebin users to create pastes (pieces of text) that expire after a single read or pastes that are protected by a password.

None of the two features are original, as they have been present on many paste sites for years.

Read more on ZDNet.

During thedarkoverlord’s heyday in 2016-2017, they were dumping patient data or victim data on Pastebin that a public search using would not have revealed and that you would only find if you knew the url. TDO used such “private” pastes to try to increase pressure on their victims by sending them links to those pastes and warning them that they would make them public if the victim did not pay the extortion demand. So it’s not like misusing Pastebin for criminal purposes is totally new, but what TDO did is not quite the same thing as having password protection.

About the author: Dissent

Comments are closed.