What are Pastes?
According to HaveIBeenPwned.com, “Often when online services are compromised, the first signs of it appear on “paste” sites like Pastebin. Attackers frequently publish either samples or complete dumps of compromised data on these services. ” (click here for more information)
What is Pastebin Specifically?
According to a post on Echoshare.net,:
- “Pastebin is a website that allows users to share plain text through public posts called ‘pastes'”
- “There are many similar web applications, known as ‘paste sites'”
- “Paste sites are commonly used for sharing code.”
- “Pastebin specifically is user-friendly, supports large text files, doesn’t require user registration, and allows for anonymous posting if the user has a VPN. “
- “This allows black hat hackers to easily and anonymously breach data in an accessible place.”
- Finally, per the Pastebin FAQ, search engines will only index the public pastes
How to Search Pastes?
The following are two good tools for searching pastes. Keep in mind that data breaches are often taken down after discovery on pastebin sites so you have a limited window of opportunity to find the raw data. Eventually, the info will filter down to the data breach sites mentioned in a previous post.
Pastebin Search Engine – (https://pastebinsearchengine.blogspot.com/?m=1&s=03) as its name says, this is a search engine for pastebin websites.
PSBDMP – (https://psbdmp.ws/) this site vaguely describes its data as follows, “Psbdmp collects data automatically from different sources and is not responsible for the data’s content,”
(see new post for updated pastebin in tools)