Security researchers are warning that new features added to Pastebin could enable attackers to hide malware operations. The features, "Burn After Read" and "Password Protected Pastes," enables users to create pastes (text) that expire after a single read or that are protected by a password.
- Pastebin has been used in the past as a staging ground for fileless attacks using PowerShell, explained security consultant Ted Samuels.
- Security researcher Jake warned on Twitter that Pastebin's new features will make it "100x" harder to track threat actors.
- In April, Pastebin turned off access to security researchers' scraping API used to find malicious actors on the site.