Back

bd.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain bd.com has experienced a significant number of historical data breaches, totaling 124,041 events, and 8,460 active infostealer logs. The majority of these events, 93.6%, are attributed to historical data breaches, with the remaining 6.4% being active infostealer logs. Employee-related events peaked in January 2026 with 43,265 occurrences, while client-related events saw a substantial increase in August 2025 with 9,023 occurrences. The most prevalent malware families observed are Redline (24.7%), LummaC2 (13.3%), and Vidar (10.5%). The data indicates a strong presence of combolist sources (61.8%) and database dumps (38.2%) within leak repositories. Geographically, India, Bangladesh, and the United States are the most affected countries. Given the high volume of historical data breaches and active infostealer logs, coupled with the prevalence of common infostealer malware families like Redline and LummaC2, this exposure presents a critical risk. The targeting of bd.com and related login services, along with the significant presence of compromised credentials from combolist sources and database dumps, suggests a high likelihood of account compromise and further data exfiltration. Prioritization should focus on immediate credential hygiene, comprehensive security audits of services exposed on bd.com, and enhanced monitoring for anomalous access patterns. Remediation efforts should address the identified malware families and secure the identified targeted services.

Total Events

132,501
credential exposure events

Employee Affected Events

89,552
account email domain = bd.com

Client Affected Events

42,949
service target = bd.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
50,00033,33316,6670
peak month 43,265
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events8,460
Share6%
Data breaches
Events124,041
Share94%
Infostealer logs (6%)
8,460events
Data breaches (94%)
124,041events

89,552 compromised employee accounts pose an infrastructure risk, while 42,949 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender158
None4
Windows Defender.2
Bitdefender1
Windows Defender Avast Antivirus.1
Kaspersky1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline2,092
LummaC21,129
Vidar885
Rhadamanthys738
Acreed356
Remus121
X-Files46
RisePro41
StealC25

Top Login URLs

Top exposed services found in the event results

  1. 1bd.com7,484
  2. 2android://plfULPmwwF0hj4dORmGzx7gXEalMZJLejp_84ktPPR4tLQm0iV6iZVOqeEn6nkm8WjxQjBzhNYxTu-_2Z5oQhw==@com.bd.bdant/3,638
  3. 3https://bd.com3,163
  4. 4bd.com/login1,024
  5. 5bd.com/oauth/authorize839
  6. 6android://mBMNYk9LB4W0A76gLsexBf5U6js7u91rjxMJQM89MCqG_ElueNgPcPtdLDdB7Xf1sdY7UzbSn-jNKS1MTaxPtA==@com.bd.aibl.ibapps/837
  7. 7bd.com/333
  8. 8bd.com/login/signup316
  9. 9android://hc5aVqBDLwvwni6K0-OIokY1eTKocKycDP1Ffa0au0za3AgB9EMQCPbcnfNuLLj3mZAI40tzj_PrMm1PqFrrXQ==@com.bd.bec/283
  10. 10android://plfULPmwwF0hj4dORmGzx7gXEalMZJLejp_84ktPPR4tLQm0iV6iZVOqeEn6nkm8WjxQjBzhNxTu-_2Z5oQhw==@com.bd.bdant/263

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

India
Events1,640
Bangladesh
Events971
United States
Events616
Netherlands
Events470
Indonesia
Events428
Germany
Events356
Denmark
Events162
United Kingdom
Events75

Country Breakdown

  1. 1India1,640
  2. 2Bangladesh971
  3. 3United States616
  4. 4Netherlands470
  5. 5Indonesia428
  6. 6Germany356
  7. 7Denmark162
  8. 8United Kingdom75

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Microsoft517
WordPress176
Citrix73
Pulse Secure28
Salesforce25
Cisco (AnyConnect)22
Git11

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11523
Windows 10 Pro411
Windows 11 24H2 build 26100 (64 Bit)364
Windows 10 22H2 build 19045 (64 Bit)282
Windows 11 Home Single Language270

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
76,707
Combolist pools
47,334
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.