[SANS ISC] Pastebin.com Used As a Simple C2 Channel

I published the following diary on isc.sans.edu: “Pastebin.com Used As a Simple C2 Channel”: With the growing threat of ransomware attacks, there are other malicious activities that have less attention today but they remain active. Think about crypto-miners. Yes, attackers continue to mine Monero on compromised systems. I spotted an interesting

The post [SANS ISC] Pastebin.com Used As a Simple C2 Channel appeared first on /dev/random.

Gitpaste-12 Worm Widens Set of Exploits in New Attacks

The worm returned in recent attacks against web applications, IP cameras and routers.

Hackers using Pastebin commands to spread njRAT (Bladabindi) trojan

By Deeba Ahmed
njRAT was developed in .NET. It is a common Trojan used for remotely hijacking the key functions of a compromised device.
This is a post from HackRead.com.

New worming botnet Gitpaste-12 infecting IoT devices, Linux servers

By Waqas
Gitpaste-12 uses GitHub and Pastebin for framing the component code and has 12 different attack modules.
This is a post from HackRead.com.

Russian Espionage Group Updates Custom Malware Suite

Turla has outfitted a trio of backdoors with new C2 tricks and increased interop, as seen in an attack on a European government.

PasteBin just made it easier for hackers to avoid detection, researchers say

A policy change at a seemingly innocuous website could make it more difficult to stop hackers, according to information security experts who track malicious software in the wild. PasteBin, a text repository where developers share internet code, said on Wednesday it has discontinued a service that charged users a $50 one-time fee to search the site for new data. Researchers had used the scraping API to scour PasteBin for cybercriminal activity, as hackers frequently posted stolen personal data and malicious code to the site. PasteBin has a lot of legitimate activity, including posts about software tests and blocks of banal code meant for cryptographic network protocols. The malicious activity makes up a fraction of the content, and is difficult to identify without scraping capabilities because of the construction of the site. A number of Twitter feeds, like @ScumBots and @leak_scavenger, were dedicated to catching malicious uploads early, and then distributing details early […]

The post PasteBin just made it easier for hackers to avoid detection, researchers say appeared first on CyberScoop.

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.