Back

donga.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain donga.com has experienced a significant number of security events, with a high risk score of 98. The primary threats identified are historical data breaches, accounting for 85.9% of events, and active infostealer logs, representing 14.1%. A total of 8,999 events were recorded, impacting 1,633 employees and 7,366 clients over the period from July 2025 to June 2026. The data indicates a substantial exposure to credential theft and potential data compromise, with malware families like LummaC2, Redline, and Rhadamanthys being prevalent. The high volume of data breaches and infostealer activity, coupled with the targeting of login and membership services, suggests a critical risk to sensitive user information. The majority of identified exposures originate from South Korea. Remediation efforts should focus on strengthening authentication mechanisms, enhancing data breach detection and response, and actively monitoring for and mitigating infostealer campaigns targeting employee and client credentials.

Total Events

8,999
credential exposure events

Employee Affected Events

1,633
account email domain = donga.com

Client Affected Events

7,366
service target = donga.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
2,0001,3336670
peak month 1,949
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events1,270
Share14%
Data breaches
Events7,729
Share86%
Infostealer logs (14%)
1,270events
Data breaches (86%)
7,729events

1,633 compromised employee accounts pose an infrastructure risk, while 7,366 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender76
Windows Defender 알약3
AhnLab V3 Lite1
Windows Defender AhnLab V3 365 Clinic1
네이버 백신 [OFF]1

Malware Families Distribution

Distribution of Active Stealer Strains

LummaC2211
Redline206
Rhadamanthys140
Acreed69
Vidar55
Remus21
RisePro19
Blank Grabber14
StealC8

Top Login URLs

Top exposed services found in the event results

  1. 1https://secure.donga.com/membership/login.php592
  2. 2https://secure.donga.com557
  3. 3secure.donga.com516
  4. 4secure.donga.com/membership/login.php431
  5. 5https://secure.donga.com/membership/regist.php359
  6. 6https://secure.donga.com/mlbpark/login.php265
  7. 7https://secure.donga.com/238
  8. 8secure.donga.com/membership/regist.php229
  9. 9https://secure.donga.com/mlbpark/regist.php195
  10. 10donga.com187

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

South Korea
Events720
United States
Events23
Germany
Events20
Japan
Events8
India
Events5
Peru
Events5
Venezuela
Events4
Czechia
Events3

Country Breakdown

  1. 1South Korea720
  2. 2United States23
  3. 3Germany20
  4. 4Japan8
  5. 5India5
  6. 6Peru5
  7. 7Venezuela4
  8. 8Czechia3

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11112
Windows 10 22H2 build 19045 (64 Bit)86
Windows 10 Enterprise x6484
Windows 10 Pro59
Windows 11 24H2 build 26100 (64 Bit)53

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
7,599
Combolist pools
130
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.