Back

eldorado.ru Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain eldorado.ru has experienced a significant exposure event with a risk score of 92, primarily driven by 17,073 historical data breaches and 1,247 active infostealer logs. The data breaches represent 93.2% of the total events, with infostealer logs accounting for 6.8%. The timeline indicates a surge in client-related events throughout the observed period, with employee-related events also appearing, particularly in September 2025 and January 2026. Malware families such as Redline, Rhadamanthys, and LummaC2 are prevalent, suggesting active credential harvesting and data exfiltration attempts targeting users associated with eldorado.ru and its services, including personal order and basket pages. The high volume of historical data breaches, predominantly from "Combolist sources," combined with active infostealer activity, poses a substantial risk to both the organization and its users. The prevalence of Windows operating systems among affected devices indicates a broad user base. Remediation efforts should focus on enhancing credential security, monitoring for further infostealer activity, and investigating the root cause of the historical data breaches to prevent recurrence. Given the nature of the domain and targeted services, the most appropriate industry sector is Retail & E-commerce.

Total Events

18,320
credential exposure events

Employee Affected Events

480
account email domain = eldorado.ru

Client Affected Events

17,840
service target = eldorado.ru

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
5,0003,3331,6670
peak month 4,643
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events1,247
Share7%
Data breaches
Events17,073
Share93%
Infostealer logs (7%)
1,247events
Data breaches (93%)
17,073events

480 compromised employee accounts pose an infrastructure risk, while 17,840 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender14
Windows Defender.1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline210
Rhadamanthys123
LummaC295
Vidar83
DarkCrystal81
RisePro73
Remus17
StealC15
Acreed13

Top Login URLs

Top exposed services found in the event results

  1. 1eldorado.ru1,417
  2. 2https://www.eldorado.ru1,363
  3. 3https://www.eldorado.ru/874
  4. 4https://www.eldorado.ru/personal/order.php759
  5. 5https://eldorado.ru690
  6. 6eldorado.ru/685
  7. 7eldorado.ru/personal/order.php674
  8. 8www.eldorado.ru480
  9. 9https://www.eldorado.ru/personal/basket.php386
  10. 10https://www.eldorado.ru/auth.php343

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

Russia
Events175
Türkiye
Events95
United States
Events69
Germany
Events37
Netherlands
Events37
Canada
Events27
United Kingdom
Events21
Finland
Events20

Country Breakdown

  1. 1Russia175
  2. 2Türkiye95
  3. 3United States69
  4. 4Germany37
  5. 5Netherlands37
  6. 6Canada27
  7. 7United Kingdom21
  8. 8Finland20

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

GitLab6

Operating System Distribution

Distribution of compromised endpoint builds

Windows 10 Pro [x64]77
Windows 10 Enterprise x6472
Windows 1163
Windows 10 22H2 build 19045 (64 Bit)56
Windows 10 Pro53

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
16,791
Combolist pools
282
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.