April 20, 2020

Changes at Pastebin have security researchers red in the face

An unusual site that’s sometimes frequented by hackers angered researchers by turning off their access to a scraping API.

If you’ve never been to Pastebin, it looks kinda like the internet’s biggest box of programmer Post-It notes.

Founded in 2002, the site was designed for developers who want to save and share raw text.

Typically, that means bits of code, but Pastebin will take pretty much whatever text you feed it. The vast majority of its abc’s and 123’s wouldn’t make you look twice — the Pastebin public archive is chock full of scintillating “untitled” material.

But in darker corners of the web, Pastebin is a destination for hackers and malcontents. They’re known to post lists of passwords pilfered in data breaches, violent manifestos, and other unsavory stuff.

Security researchers try to keep them at bay — by scraping the site using a special API, and paying $50 for the privilege.

But now there’s a fire in the ‘bin

Last week, Motherboard reported that Pastebin turned off access to its scraping API. According to CyberScoop, some Twitter accounts were dedicated to catching and flagging malware on Pastebin before it could do any damage.

By turning off the scraping API, Pastebin pissed off people who fought the good fight against the black hats — and folks who had forked over $50 for lifetime access to the scraping tool. A sampling of the criticism: 

“Umm @pastebin do you know how many malware payloads we collect every day from scraping you, you just made the whole Internet a little bit more scummy by removing our ability to do that,” one user tweeted. “Hope you are planning on policing your own platform from now.”

They’ve got some ‘splainin to do

Pastebin said it pulled the plug because of “active abuse by third parties for commercial purposes” — AKA services that charge people to rifle through Pastebin’s huge pile o’ Post-Its.

Daily briefings, straight to your inbox

Business and tech news in 5 minutes or less

Join over 1 million people who read The Hustle

Psst

How'd Bezos build a billion dollar empire?

In 1994, Jeff Bezos discovered a shocking stat: Internet usage grew 2,300% per year.

Data shows where markets are headed.

And that’s why we built Trends — to show you up-and-coming market opportunities about to explode. Interested?

Join us, it's free.

Look, you came to this site because you saw something cool. But here’s the deal. This site is actually a daily email that covers the important news in business, tech, and culture.

So, if you like what you’re reading, give the email a try.