Back

gungho.jp Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event impacting gungho.jp, with 4789 total events observed over the period. The majority of these events, 84.7%, are historical data breaches, and 15.3% are active infostealer logs. The data breaches primarily originate from "Combolist sources" (98.8%), suggesting compromised credentials. Infostealer activity is linked to malware families such as Redline (16.7%), LummaC2 (14.6%), and Acreed (9.3%), which are known to exfiltrate sensitive information. The targeted services are predominantly related to the "member.gungho.jp" domain, indicating a focus on user authentication credentials. The timeline shows a surge in client-related events in March 2026, with a notable increase in employee-related events in September 2025 and January 2026. This exposure presents a high risk due to the large volume of historical data breaches and active infostealer activity, potentially leading to account takeovers and further compromise. The prevalence of "Combolist sources" suggests that user credentials may have been exposed elsewhere and are being actively tested against gungho.jp services. Remediation should focus on immediate credential reset campaigns for affected users, enhanced monitoring for suspicious login activity on "member.gungho.jp", and strengthening authentication mechanisms to mitigate the impact of credential stuffing attacks.

Total Events

4,789
credential exposure events

Employee Affected Events

244
account email domain = gungho.jp

Client Affected Events

4,545
service target = gungho.jp

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
1,2008004000
peak month 1,186
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events731
Share15%
Data breaches
Events4,058
Share85%
Infostealer logs (15%)
731events
Data breaches (85%)
4,058events

244 compromised employee accounts pose an infrastructure risk, while 4,545 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender4
Malwarebytes2

Malware Families Distribution

Distribution of Active Stealer Strains

Redline122
LummaC2107
Acreed68
Rhadamanthys55
Vidar26
StealC13
Millenium13
Raccoon9
RisePro4

Top Login URLs

Top exposed services found in the event results

  1. 1https://member.gungho.jp483
  2. 2member.gungho.jp388
  3. 3https://member.gungho.jp/front/register/ragnarok/authmail.aspx366
  4. 4https://member.gungho.jp/245
  5. 5member.gungho.jp/front/register/ragnarok/authmail.aspx233
  6. 6https://member.gungho.jp/front/ro/iframe/login.aspx206
  7. 7member.gungho.jp/166
  8. 8member.gungho.jp/front/ro/iframe/login.aspx140
  9. 9gungho.jp135
  10. 10gungho.jp/103

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

Japan
Events338
United States
Events21
Thailand
Events14
China
Events14
Taiwan
Events12
Egypt
Events6
South Korea
Events5

Country Breakdown

  1. 1Japan338
  2. 2United States21
  3. 3Thailand14
  4. 4China14
  5. 5Taiwan12
  6. 6Egypt6
  7. 7Hong Kong SAR China6
  8. 8South Korea5

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 1194
Windows 10 Home x6450
Windows 10 22H2 build 19045 (64 Bit)48
Windows 10 Home47
Windows 10 Enterprise x6445

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
4,009
Combolist pools
49
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.