Back

masrawy.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event affecting masrawy.com, with 4,164 historical data breaches and 189 active infostealer logs observed over the reporting period. The majority of these events (95.7%) are attributed to historical data breaches, while 4.3% are linked to active infostealer activity. Malware families such as Redline, Acreed, and Vidar are prominent in the infostealer logs. The primary targeted services include the main domain masrawy.com and its login pages, with a notable presence of Egyptian users. The data suggests a high risk of credential compromise and potential data exfiltration impacting employees and clients.

Total Events

4,353
credential exposure events

Employee Affected Events

3,694
account email domain = masrawy.com

Client Affected Events

659
service target = masrawy.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
1,2008004000
peak month 1,175
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events189
Share4%
Data breaches
Events4,164
Share96%
Infostealer logs (4%)
189events
Data breaches (96%)
4,164events

3,694 compromised employee accounts pose an infrastructure risk, while 659 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

No Data Available

Malware Families Distribution

Distribution of Active Stealer Strains

Redline54
Acreed23
Vidar18
Rhadamanthys8
LummaC27
RisePro4
StealC2

Top Login URLs

Top exposed services found in the event results

  1. 1masrawy.com122
  2. 2https://masrawy.com60
  3. 3https://masrawy.com/login25
  4. 4https://www.masrawy.com25
  5. 5masrawy.com/login23
  6. 6http://mail.masrawy.com/21
  7. 7http://www.masrawy.com/login20
  8. 8www.masrawy.com19
  9. 9https://masrawy.com/logon18
  10. 10masrawy.com/18

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

Egypt
Events107
United States
Events16
Japan
Events7
China
Events4
Netherlands
Events2
Pakistan
Events2
Poland
Events2
Denmark
Events2

Country Breakdown

  1. 1Egypt107
  2. 2United States16
  3. 3Japan7
  4. 4China4
  5. 5Netherlands2
  6. 6Pakistan2
  7. 7Poland2
  8. 8Denmark2

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Intranet1

Operating System Distribution

Distribution of compromised endpoint builds

Windows 1138
Windows 1021
Windows 10 Enterprise x6419
Windows 10 Pro x6416
Windows 11 Pro13

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
3,308
Combolist pools
856
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.