Back

google.com.pk Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain google.com.pk has experienced a significant number of data breach and infostealer events over the past year, totaling 1323. The majority of these events, 1172, are categorized as historical data breaches, with 151 identified as active infostealer logs. The timeline shows a notable increase in employee-related events starting in late 2025 and continuing through early 2026, alongside a consistent volume of client-related events. Malware families such as LummaC2, Redline, and Rhadamanthys are frequently associated with these exposures, indicating a risk of credential harvesting and further compromise. This exposure presents a high-risk scenario due to the sheer volume of data breach and infostealer activity, impacting a large number of clients and employees. The prevalence of infostealer malware targeting credentials suggests a direct threat to user accounts and sensitive information. Prioritization should focus on immediate threat mitigation by enhancing endpoint security, implementing robust credential hygiene practices, and conducting thorough investigations into the identified malware families and their associated command-and-control infrastructure. The primary geographical focus for remediation efforts should be Pakistan, given the domain's TLD and the country breakdown data.

Total Events

1,323
credential exposure events

Employee Affected Events

113
account email domain = google.com.pk

Client Affected Events

1,210
service target = google.com.pk

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
3002001000
peak month 286
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events151
Share11%
Data breaches
Events1,172
Share89%
Infostealer logs (11%)
151events
Data breaches (89%)
1,172events

113 compromised employee accounts pose an infrastructure risk, while 1,210 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender4

Malware Families Distribution

Distribution of Active Stealer Strains

LummaC240
Redline23
Rhadamanthys9
Vidar5
RisePro3
Acreed2
StealC1

Top Login URLs

Top exposed services found in the event results

  1. 1google.com.pk157
  2. 2https://google.com.pk117
  3. 3https://www.google.com.pk66
  4. 4google.com.pk/58
  5. 5https://www.google.com.pk/54
  6. 6www.google.com.pk45
  7. 7https://google.com.pk/44
  8. 8https://www.google.com.pk/login.asp37
  9. 9www.google.com.pk/32
  10. 10https://accounts.google.com.pk/29

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

Pakistan
Events61
United States
Events15
China
Events4
Germany
Events4
Romania
Events3
Switzerland
Events2
Italy
Events2

Country Breakdown

  1. 1Pakistan61
  2. 2United States15
  3. 3China4
  4. 4Germany4
  5. 5Romania3
  6. 6Hong Kong SAR China3
  7. 7Switzerland2
  8. 8Italy2

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 1129
Windows 10 Pro (10.0.19045) x6415
Windows 10 Enterprise x6412
Windows 10 22H2 build 19045 (64 Bit)12
Windows 11 Enterprise (10.0.22631) x646

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
1,167
Combolist pools
5
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.