Back

avnet.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event impacting avnet.com, with 64,316 historical data breaches and 2,277 active infostealer logs detected. The majority of the infostealer activity (79%) is attributed to the Redline malware family, which is known for exfiltrating credentials and sensitive information. The exposure period spans from July 2025 to June 2026, with notable spikes in employee and client-related events in September 2025 and January 2026. The data suggests a broad impact, with 60,349 employee-related events and 6,244 client-related events, alongside 6,4316 data breaches and 2,277 infostealer logs. The primary sources of leaked data appear to be combolist sources (66.3%) and database dumps (33.7%). Given the high volume of historical data breaches and active infostealer logs, coupled with the prevalence of Redline malware, this situation presents a critical risk. The exposure of employee and client data, potentially including credentials, necessitates immediate investigation and remediation. Focus should be placed on identifying the root cause of the data breaches and infostealer infections, strengthening credential management, and enhancing endpoint security to prevent further exfiltration. The targeted services include user registration and logon forms, indicating potential credential harvesting attempts.

Total Events

66,593
credential exposure events

Employee Affected Events

60,349
account email domain = avnet.com

Client Affected Events

6,244
service target = avnet.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
25,00016,6678,3330
peak month 21,364
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events2,277
Share3%
Data breaches
Events64,316
Share97%
Infostealer logs (3%)
2,277events
Data breaches (97%)
64,316events

60,349 compromised employee accounts pose an infrastructure risk, while 6,244 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender6
Avira1
Kaspersky1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline1,799
LummaC295
Rhadamanthys49
Vidar24
Acreed21
RisePro21
StealC14
X-Files8
Remus6

Top Login URLs

Top exposed services found in the event results

  1. 1avnet.com1,319
  2. 2https://www.avnet.com/shop/UserRegistrationForm374
  3. 3https://avnet.com357
  4. 4https://www.avnet.com337
  5. 5avnet.com/shop/UserRegistrationForm286
  6. 6www.avnet.com221
  7. 7www.avnet.com/shop/UserRegistrationForm181
  8. 8https://www.avnet.com/shop/LogonForm124
  9. 9avnet.com/shop/userregistrationform123
  10. 10avnet.com/shop/LogonForm83

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events460
Germany
Events413
Netherlands
Events392
Denmark
Events170
United Kingdom
Events57
France
Events39
Spain
Events34

Country Breakdown

  1. 1United States460
  2. 2Germany413
  3. 3Netherlands392
  4. 4Denmark170
  5. 5United Kingdom57
  6. 6France39
  7. 7Spain34
  8. 8Luxembourg33

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Citrix52
Microsoft43
Cisco (AnyConnect)30
Pulse Secure15
FortiNet VPN10
Git9
WordPress1

Operating System Distribution

Distribution of compromised endpoint builds

Windows Server 2016 x32142
Windows 10 Home x32138
Windows Server 2019 x32133
Windows 7 x32122
Windows Server 2003 R2 x32120

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
42,643
Combolist pools
21,673
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.