Sunday, July 31, 2011

Pastebin Security Risks: Monitoring with Rollyo Searchrolls

Although text-sharing “pastebin” sites like pastebin.com and codepad.org have been around for the better part of a decade, I have to admit that I'd never heard of them until LulzSec adopted pastebin.com as its preferred method of shaming its victims. In an article on The Next Web, Matt Brian explores how pastebin.com, once relatively unknown outside the ranks of developers, wound up groaning under the weight of LulzSec's unexpected, and unwelcome, information dumps.

LulzSec gets the headlines, but many publicity-shy individuals and groups also use pastebins for illicit activities such as sharing confidential data, offering PII for sale, trading exploits, and revealing personal information on underground rivals. As Matt Brian notes, a quick look at pastebin.com's “Trending Pastes” shows that a majority of the most popular individual pastes are dumps of breached data, cracked passwords, or other illegitimate content. And Silas Cutler at ReverSecurity points to keylogger dumps and carder profiles among the tens of thousands of daily posts to these sites.

For the information security manager concerned about pastebins, I think there are six general types of risks to be on the lookout for: