Pastebin: A place to save and share your text files. A source review report

0
1661

Pastebin is a website created in 2002 by a group of developers. It was created mainly for the reason to share code files amongst fellow coders, either a snippet or an entire copy of the code. Although it is intended for code sharing, any user can upload any type of text on it, ranging from day-to-day journals, to internet relay chat (IRC) logs, to long and complicated programming codes. Pastebin aims to make sharing large amounts of texts more convenient, because in 1988, programmers used to share codes on IRCs, and a large code shared on the IRC disrupted the messages flow, or even altered the code’s text and ultimately ruined it. Any piece of text uploaded to Pastebin is referred to as “Paste”.

Users can choose to keep their paste online for a variety of time periods, they can choose the option to expire their texts immediately after reading, keep it for 1 hour, 1 year, or forever. Also, Pastebin comes with the option of “Syntax Highlighting”, for which you can specify which programming language you are using, making it easier for other users to identify. You can also choose whether you want your paste to be public, private, or unlisted. Unlisted make the paste hidden from google searches, but available on Pastebin to the users who have the URL. Lastly, Pastebin offers the option to protect your paste with a password.

Pastebin has:

  • More than 2 million members
  • More than 95 million active pastes

Pastebin is not only for codes, but other illegal activities as well

Pastebin, a website that supports text sharing, did not only encourage programmers to share their codes, but also became popular for illegal activities. For example, the infamous hacking group “Anonymous” has used Pastebin in the past to post leaked, breached data.

Pastebin allows a maximum of 512 kilobyte of data (0.5 megabytes), and when it comes to text, 512kb is quite a lot. Pastebin is used to save login information from breached websites, email addresses, credit cards…etc. In 2014, Sony Pictures were hacked by a hacker group called Guardians of Peace (GOP) (Cook, 2014). GOP posted a paste that contained employees’ information for over a million employees, music codes, and even upcoming production details. Pastebin was also used to upload pastes that were sensitive to governments, such as the government of the United States. In 2011, a hacking group known as “LulzSec” hacked and leaked the user base of Infragard, an FBI affiliate in Atlanta (Tsukayama, 2011). Over 150 login credentials were leaked, as well as email chains that contained sensitive information about the United State of America’s operation to control the Lybian cyberspace.

All of these illegal activities, and the many more posted on Pastebin, are against Pastebin’s user policy. Pastebin clearly states that the following are not allowed to be posted:

  • Email lists
  • Login details
  • Stolen source code
  • Hacked data
  • Copyrighted information/data
  • Password lists
  • Banking data
  • Personal information
  • Pornographic data
  • Spam links

As Pastebin works with the community, the moderators rely on the users to report such pastes. This means that they do not catch each and every paste that is against their user policy.

Pastebin has become a hotspot amongst hackers, and this was unacceptable to Pastebin, as it goes against the reason to why it was created, sharing codes. These illegal pastes have made Pastebin and other paste sites a valuable data source for public safety officials and cybersecurity teams, as any leaked information linked to doxing, personal information leaking, security breaching, stolen source codes, and all other posted criminal activity can be used and are useful for cybercrimes investigating and mitigating future and current threats.

Searching through Pastebin

Pastebin has implemented a preventive measure in early 2020 to stop the spread of illegal data, which was the removal of the search bar from its website.

Pre-2020, users were able to search on Pastebin using keywords, for example “Calculator code”, and Pastebin would show you all the public pastes related to the keywords searched. Now, due to the removal of the search bar, users can only search Pastebin using Google. For example, Google search “Pastebin calculator code”.

Figure 1. Google search (n.d.).

Then after choosing a link, the paste will show.

Figure 2. Pastebin (n.d.).

Alternatively, there is another method to browse through pastes, but only if they are one the most recently added pastes. A bar on the right of the page shows 8 of the most recent published pastes.

Figure 3. Pastebin (n.d.).

Summary:

  • Pastebin is a website to store and share small to large data texts, mainly used for codesharing.
  • Pastebin has over 95 million active pastes, meaning you can find many pastes especially if they are coding related.
  • Pastebin has become popular amongst the hacking and criminal community, and you might stumble upon illegally obtained data.
  • The search bar has been removed, and the only way to search through Pastebin is by Googling “Pastebin + keywords”.

Source: