Reply to post: Re: Uhm.

Pastebin: The remote backdoor server for the cheap and lazy

Ben Tasker

Re: Uhm.

Firstly you'll note wordpress is the actual issue here (as described) - if you want to be worried about something be worried about the insecurity of your actual app. What happened there might not be relevant to your problems (it's extremely likely it isn't)

Does seem odd doesn't it? The attacker has managed to execute arbitrary code in order to retrieve some other arbitrary code and execute it and the solution is block pastebin?

There may be some logic to blocking it if you've absolutely no need for it - as it's (apparently) currently being commonly used as a low tech C&C you do at least block that route, but if enough people do block pastebin it's use as a C&C will drop and the blocking becomes worthless.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022