28 year-old Jeroen Vader, the owner of Pastebin, says he plans to hire more staff to help remove "sensitive information" posted to the site. Pastebin, which has over 200,000 members as of this weekend and 17 million unique visitors per month, is the de facto choice for hackers who want to publicly post data they have stolen from their targets. Hacker pastes ranges from something simple, like a list of sites that have been hacked, to very detailed information, including administrator credentials for website servers, credit card numbers, phone numbers, e-mail addresses with corresponding passwords, and even home addresses.
Pastebin currently relies on an abuse report system, which gets 1,200 warnings a day. It's not keeping up, so it's about to get some more manpower, according to a BBC interview with Vader:
I am looking to hire some extra people soon to monitor more of the website's content, not just the items that are reported. Hopefully this will increase the speed in which we can remove sensitive information. This will give us more time to look at trending items in detail if they haven't been reported yet. Often articles contain a lot of information, and part of that can be a person's details. This does not mean straight away that it should be removed. Reading all those items, and determining which ones are hurtful, and which ones aren't, requires a lot of time. That's why we rely on the abuse report system at the moment. But there are plans to improve on this.
This has led to many speculating that Pastebin is specifically targeting the hacktivist groups Anonymous and LulzSec with its new initiative. The hacktivist groups uses Pastebin quite frequently; for example, the Anonymous China hacks this past week used Pastebin multiple times for multiple leaks.
Even if Anonymous or LulzSec decided to attack Pastebin in retaliation, it wouldn't be a huge blow to the site. Every single day for the last three months, Pastebin has been the target of a Distributed Denial of Service (DDoS) attack. Vader says the longest continuous attack, in February, went on for more than 48 hours. He said none of the attacks have been claimed, but he has heard that many hackers like to test their DDOS skills on Pastebin.
Whether Pastebin will become a target isn't known, but it's clear Anonymous isn't very pleased with what's happening. The YourAnonNews Twitter account summarizes the group's stance quite succinctly:
Srsly Pastebin, f*** you - @Pastebin to hire staff to tackle hackers' 'sensitive' posts | http://bit.ly/HixoFQ All aboard the Censor Ship!
For its part, Pastebin is reportedly trying to calm everyone down. Here's what a Pastebin admin reportedly posted on the Anonymous Central Tumblr:
Hey guys, I'm from Pastebin.com and would like to speak to someone from @anonops via email. Could someone email firstname.lastname@example.org please? Would like to set some stuff straight, as a lot of news sites are reporting false stories now about how Pastebin is against Anonymous all the sudden.
So far, all the comments are asking whoever made the post to present his case publicly. After all, it's the Anonymous way.
- Hacktivists stole 100 million records in 2011
- LulzSec hacks Military Singles
- LulzSec hacks CSS Corp
- Anonymous hacks hundreds of Chinese government sites
- Anonymous hacks Panda Security in response to LulzSec arrests
- Anonymous hacks Vatican again