Started in 2002, pastebin.com has become the largest service of its kind in the world, serving 18 million visitors monthly and hosting 95 million pastes. Though used for lots of legitimate content, malicious actors have been using the site to distribute obfuscated malware for years. In this talk, I'll explain the processes by which malware is hidden on Pastebin and other similar sites and how to use a scraper to find these obfuscated samples. Whereas most pastebin scrapers look for keywords like "password" to detect data dumps, this presentation will feature "FIERCECROISSANT", a pastebin scraper designed to look for obfuscated malicious binaries, decode them, and use sandboxing environments to extract networking information from them. I'll also show how many samples were found, the associated malware families, common behaviors of malicious pastes, and trends as well as unusual cases.