Security News > 2020 > October > Malware campaigns deliver payloads via obscure paste service
Multiple malware campaigns have been spotted using Pastebin-style services to facilitate their nefarious activities.
This week Juniper Threat Labs have identified malware campaigns relying on legitimate paste services like paste.
While the paste site only supports plaintext files and not binary, any data - including binary can be encoded and represented as ASCII. That is what malware spotted by Juniper Threat Labs was doing in this case.
The malware campaigns leveraging the paste service to distribute encrypted payload include Agent Tesla, W3Cryptolocker Ransomware, Redline Stealer, and LimeRAT. "The attack usually starts with a phishing email that includes an attachment, such as a document, archive or an executable," explains Kimayong.
Juniper's complete findings, Indicators of Compromise, and list of malware campaigns are provided on their blog.