Feeds

Pastebin.com hiring staff to get rid of activists' dumps

No matter how I scrub, stink of leakage still on me

SANS - Survey on application security programs

Pastebin.com has promised to police content on its site more tightly by hiring staff to delete data dumps and other sensitive information more quickly.

The site, one of several of its type and originally set up primarily for programmers, has become a favourite dumping ground for hacktivists from Anonymous and LulzSec over recent months. Many of these posts have revealed an array of personal information swiped from the insecure systems of targets including home addresses, email passwords and (more rarely) credit card details. The dumps are then linked to and publicised by Twitter updates from the various hacktivists.

Pastebin.com relied on an abuse report system to flag up potentially controversial material. However Jeroen Vader, the 28-year-old Dutch entrepreneur who bought the site two years ago, told the BBC that the present system isn't responsive enough and that Pastebin.com plans to hire staff to actively scour the site so that "sensitive information" might be removed more quickly. PasteBin currently gets 1,200 abuse reports a day via either its on-site notification system or by email.

"I am looking to hire some extra people soon to monitor more of the website content, not just the items reported," Vader told the BBC in an email interview. "Hopefully this will increase the speed in which we can remove sensitive information."

Vader said Pastebin.com, which makes its income from selling banner ads, attracts an average of 17 million unique visitors a month, up from 500,000 two year ago. Trending topics on the site frequently include data dumps from hacktivists involved in AntiSec movement, an offshoot of Anonymous which aims to expose the security shortcomings of computer security firms, police agencies and other high profile organisations. Recent data dumps have included the purported details extracted from a high-profile hack on intelligence agency Stratfor last December and from a data dump of passwords from the YouPorn sex vid channel, among others. Other data dumps of local organisations have led to the blocking of Pastebin in both Pakistan and Turkey.

Pastebin asks its members to avoid posting password lists, stolen source code or personal information. As well as being the go-to place for data dumps, Pastebin.com is also often used by hacktivists to try out the effectiveness of DDoS tools.

"In the last three months not a single day has gone by that we didn't get some kind of DDoS [distributed denial of service] attack," Vader said. "I do hear from people in the hackers' community that many hackers like to test their DDOS skills on Pastebin." ®

3 Big data security analytics techniques

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T dangles gigabit broadband plans over 100 US cities
So soon after a mulled Google Fiber expansion, fancy that
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
Turnbull gave NBN Co NO RULES to plan blackspot upgrades
NBN Co faces huge future Telstra bills and reduces fibre footprint
NBN Co plans fibre-to-the-basement blitz to beat cherry-pickers
Heading off at the pass operation given same priority as blackspot fixing
NBN Co in 'broadband kit we tested worked' STUNNER
Announcement of VDSL trial is not proof of concept for fibre-to-the-node
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.