Back

jrj.com.cn Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain jrj.com.cn has experienced a significant number of historical data breaches, totaling 597 events, and 80 active infostealer logs over the period from July 2025 to June 2026. The majority of these events, 88.2%, are attributed to historical data breaches, with the remaining 11.8% being active infostealer logs. This indicates a substantial exposure of sensitive information, potentially affecting a large number of employees and clients, as evidenced by the 163 employee-related events and 514 client-related events. The high volume of data breaches and infostealer activity, coupled with a risk score of 78, suggests a critical security posture for jrj.com.cn. The presence of malware families like Redline and Rhadamanthys, commonly used for credential theft, further exacerbates the risk. Remediation efforts should focus on comprehensive data breach investigation, strengthening access controls for services like logon and login portals, and implementing robust endpoint security to mitigate infostealer threats. The primary leak repository sources are combolist sources and database dumps, highlighting the need to secure credential stores and prevent unauthorized data exfiltration.

Total Events

677
credential exposure events

Employee Affected Events

163
account email domain = jrj.com.cn

Client Affected Events

514
service target = jrj.com.cn

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
200133670
peak month 167
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events80
Share12%
Data breaches
Events597
Share88%
Infostealer logs (12%)
80events
Data breaches (88%)
597events

163 compromised employee accounts pose an infrastructure risk, while 514 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

No Data Available

Malware Families Distribution

Distribution of Active Stealer Strains

Redline12
Rhadamanthys8
LummaC25
Acreed2
Millenium2

Top Login URLs

Top exposed services found in the event results

  1. 1https://jrj.com.cn47
  2. 2jrj.com.cn47
  3. 3https://jrj.com.cn/logon25
  4. 4http://i.jrj.com.cn/register.faces20
  5. 5https://jrj.com.cn/login19
  6. 6https://sso.jrj.com.cn/sso/ssopassportlogin18
  7. 7sso.jrj.com.cn/sso/ssologin18
  8. 8jrj.com.cn/login17
  9. 9jrj.com.cn/logon17
  10. 10https://sso.jrj.com.cn/sso/passportRegister/register.jsp15

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

China
Events13
United States
Events6
Japan
Events5
Netherlands
Events5
Kenya
Events3
Taiwan
Events3
Denmark
Events3

Country Breakdown

  1. 1China13
  2. 2United States6
  3. 3Japan5
  4. 4Netherlands5
  5. 5Kenya3
  6. 6Taiwan3
  7. 7Denmark3
  8. 8Montenegro3

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 1125
Windows 11 (Build 26200) (64 Bit)6
Windows 10 Enterprise x642
Windows Vista x322
Windows Server 2019 x322

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
506
Combolist pools
91
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.