Back

eenadu.net Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain eenadu.net exhibits a high-risk score of 92, primarily driven by a significant volume of historical data breaches (77.7%) and active infostealer logs (22.3%) over the observed period. A substantial number of client records (28,317) and employee records (271) have been exposed through these events. The infostealer activity is dominated by malware families such as LummaC2, Vidar, and Rhadamanthys, targeting Windows operating systems and frequently associated with combolist sources. The timeline indicates a fluctuating but persistent exposure of client and employee data, with peaks in March and April 2026. The targeted services are predominantly related to the epaper.eenadu.net login and validation endpoints, suggesting credential stuffing or direct credential compromise attempts. The high volume of data breaches and active infostealer logs, coupled with the exposure of both client and employee data, elevates the risk to a critical level. The prevalence of infostealer malware targeting login credentials for the epaper service indicates a direct threat to user accounts and potentially further downstream systems. Remediation efforts should focus on immediate credential reset for affected users, enhanced monitoring of the epaper login endpoints for anomalous activity, and a thorough review of data security practices to prevent future breaches. Given the nature of the data and the targeted services, the most appropriate industry sector is Retail & E-commerce, assuming the epaper service is a digital subscription or content platform.

Total Events

28,588
credential exposure events

Employee Affected Events

271
account email domain = eenadu.net

Client Affected Events

28,317
service target = eenadu.net

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
8,0005,3332,6670
peak month 6,631
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events6,384
Share22%
Data breaches
Events22,204
Share78%
Infostealer logs (22%)
6,384events
Data breaches (78%)
22,204events

271 compromised employee accounts pose an infrastructure risk, while 28,317 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender377
Malwarebytes2
Windows Defender [ON]1
Reason Cybersecurity1
Avast1

Malware Families Distribution

Distribution of Active Stealer Strains

LummaC21,000
Vidar823
Rhadamanthys568
Redline407
Acreed156
RisePro94
StealC84
Remus81
Raccoon23

Top Login URLs

Top exposed services found in the event results

  1. 1https://epaper.eenadu.net/login/login6,137
  2. 2https://epaper.eenadu.net3,432
  3. 3epaper.eenadu.net3,338
  4. 4epaper.eenadu.net/login/login3,015
  5. 5https://epaper.eenadu.net/Login/ValidateLogin1,673
  6. 6https://epaper.eenadu.net//Login/ActivateAccount1,257
  7. 7epaper.eenadu.net/Login/ValidateLogin749
  8. 8https://epaper.eenadu.net/611
  9. 9epaper.eenadu.net//Login/ActivateAccount599
  10. 10http://epaper.eenadu.net/login.php596

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

India
Events3,432
United States
Events68
United Arab Emirates
Events17
Italy
Events15
Venezuela
Events12
Indonesia
Events12
Pakistan
Events11
Brazil
Events11

Country Breakdown

  1. 1India3,432
  2. 2United States68
  3. 3United Arab Emirates17
  4. 4Italy15
  5. 5Venezuela12
  6. 6Indonesia12
  7. 7Pakistan11
  8. 8Brazil11

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11 Home Single Language387
Windows 11 Home Single Language 25H2 (Build 26200)366
Windows 10 Pro335
Windows 10 22H2 build 19045 (64 Bit)281
Windows 11233

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
22,101
Combolist pools
103
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.