-
One Second Analysis Followup: Credentials Posted to Pastebin
As a followup to last week’s post regarding the number of stolen account credentials that show up on Pastebin daily, I’ve collected enough data to get a more accurate picture of the posting rate. As a reminder, here was the first day’s data: Start time: 20171113 2100UTC Credentials parsed to date: 792,488 Clean (unproblematic) credentials: 734,807 Unique clean credentials: 475,653 Credentials parsed to date: I’ve had a homebrew pastebin scraper analyzing new pastes, watching for email addresses, for a while now.…more
Threat IntelBug BountyThreat IntelRed Team1s AnalysisBlue Team
-
One Second Analysis: Credentials Posted to Pastebin
Super-quick analysis of account credentials (username/password pairs, in various forms) posted to Pastebin over roughly a day: Start time: 20171113 2100UTC Credentials parsed to date: 792,488 Clean (unproblematic) credentials: 734,807 Unique clean credentials: 475,653 Credentials parsed to date: I’ve had a homebrew pastebin scraper analyzing new pastes, watching for email addresses, for a while now. This is where the number of credentials extracted stood as of Start time. Clean (unproblematic) credentials: I wrote a somewhat lazy parser that attempts to help me identify patterns in the extracted paste bodies so I can more effectively grab credentials pasted in a variety of formats.…more
Threat IntelBug BountyThreat IntelRed Team1s AnalysisBlue Team