Twitter + Pastebin = malware update

Revision as of 13:57, 3 August 2015 by Eric.freyssinet (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Google search: [1]

Twitter + Pastebin = malware update
Botnet Sninfs
Botnet/malware group
Exploit kits
Distribution vector
Operation/Working group
CCProtocol Twitter, Paste-platform
Date 2009 / 2009-08-17
Editor/Conference Symantec
Link (Archive copy)
Author Patrick Fitzgerald
Type Blogpost

Abstract and are both legitimate sites and it was a little surprising to see them both in this context. A closer look shows that both of these URLs seem to be using the pastebin feature of the Debian and Rifers sites. Pastebins give Web users the ability to upload arbitrary text in order to share information. Pastebins exist on many sites across the Internet and any one of these sites could have been selected by the attackers in order to host their malicious payloads. It’s likely the Debian and Rifers sites were selected because of the trust associated with their brand. There is little these sites can do to mitigate this type of misuse of a legitimate service provided by their sites.


   editor = {Symantec},
   author = {Patrick Fitzgerald},
   title = {Twitter + Pastebin = malware update},
   date = {17},
   month = Aug,
   year = {2009},
   howpublished = {\url{}},