Back

flaticon.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain flaticon.com has experienced a significant number of historical data breaches and active infostealer logs over the past year. The majority of these events, 92.5%, are attributed to historical data breaches, with 107,460 instances recorded. Additionally, 8,669 active infostealer logs were detected, representing 7.5% of the total events. The timeline shows a notable increase in both employee and client-related events, particularly from March to June 2026, with peaks in March (12 employee events, 32,130 client events) and April (52 employee events, 23,300 client events). Malware families such as Redline, LummaC2, and Rhadamanthys are prominently associated with these infostealer activities. The high volume of historical data breaches and the presence of active infostealer logs, including prevalent malware families like Redline and LummaC2, indicate a high-risk exposure. The affected parties include 92 employees and 116,037 clients, with a substantial portion of the data breaches originating from "Combolist sources." The concentration of events targeting login and registration services on flaticon.com suggests credential stuffing and account takeover attempts are primary concerns. Remediation should focus on enhancing credential security, implementing robust multi-factor authentication, and conducting thorough security audits of user authentication systems.

Total Events

116,129
credential exposure events

Employee Affected Events

92
account email domain = flaticon.com

Client Affected Events

116,037
service target = flaticon.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
40,00026,66713,3330
peak month 32,130
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events8,669
Share8%
Data breaches
Events107,460
Share93%
Infostealer logs (8%)
8,669events
Data breaches (93%)
107,460events

92 compromised employee accounts pose an infrastructure risk, while 116,037 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender142
Windows Defender Panda Dome13
Windows Defender Webroot SecureAnywhere3
Windows Defender McAfee2
Windows Defender AVG Antivirus2
Norton Security Ultra2
Windows Defender.1
Windows Defender ESET Security1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline1,787
LummaC21,438
Rhadamanthys775
Acreed470
Vidar419
StealC223
RisePro122
Raccoon103
Remus61

Top Login URLs

Top exposed services found in the event results

  1. 1https://www.flaticon.com/profile/login13,234
  2. 2flaticon.com13,169
  3. 3flaticon.com/profile/login10,432
  4. 4https://www.flaticon.com/profile/register9,945
  5. 5https://flaticon.com9,465
  6. 6https://www.flaticon.com8,723
  7. 7www.flaticon.com/profile/login7,687
  8. 8flaticon.com/profile/register7,324
  9. 9www.flaticon.com5,970
  10. 10www.flaticon.com/profile/register5,647

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

India
Events522
Brazil
Events436
Bangladesh
Events311
Indonesia
Events283
United States
Events231
Pakistan
Events201
Egypt
Events199
Thailand
Events166

Country Breakdown

  1. 1India522
  2. 2Brazil436
  3. 3Bangladesh311
  4. 4Indonesia283
  5. 5United States231
  6. 6Pakistan201
  7. 7Egypt199
  8. 8Thailand166

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 10 Enterprise x64877
Windows 11592
Windows 11 24H2 build 26100 (64 Bit)418
Windows 10 Home x64336
Windows 10 Pro (10.0.19045) x64314

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
107,438
Combolist pools
22
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.