Back

sammydress.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain sammydress.com has experienced a significant number of events, with a risk score of 88. The primary exposure stems from 21,498 historical data breaches, accounting for 87.4% of all events. Additionally, 3,093 active infostealer logs were observed, representing 12.6% of events. The timeline indicates a peak in client-related events in March 2026, with 7,256 instances, and a notable number of employee-related events in September 2025 (2) and February 2026 (4). Malware families associated with these events include LummaC2, Redline, and Rhadamanthys, suggesting potential credential harvesting and data exfiltration activities. The targeted services are primarily login endpoints for sammydress.com, indicating a focus on user authentication mechanisms. Given the high volume of data breaches and active infostealer logs, the priority for remediation should be on securing user credentials and investigating the root cause of the historical data breaches. The prevalence of infostealer malware targeting login services suggests a direct threat to user accounts and potentially sensitive personal information. The observed malware families are known for their ability to steal credentials, session cookies, and financial information. The leak repository classification indicates that the majority of exposed data originates from combolist sources, which are often derived from previous breaches or credential stuffing attacks. The focus should be on incident response, vulnerability management, and enhancing authentication security measures to mitigate further compromise.

Total Events

24,591
credential exposure events

Employee Affected Events

13
account email domain = sammydress.com

Client Affected Events

24,578
service target = sammydress.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
8,0005,3332,6670
peak month 7,256
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events3,093
Share13%
Data breaches
Events21,498
Share87%
Infostealer logs (13%)
3,093events
Data breaches (87%)
21,498events

13 compromised employee accounts pose an infrastructure risk, while 24,578 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender10
Windows Defender [ON]2
Windows Defender Norton Security Ultra1

Malware Families Distribution

Distribution of Active Stealer Strains

LummaC2547
Redline438
Rhadamanthys305
Acreed259
Vidar203
Millenium52
StealC50
RisePro36
Raccoon28

Top Login URLs

Top exposed services found in the event results

  1. 1https://login.sammydress.com/m-users-a-sign.htm4,362
  2. 2login.sammydress.com/m-users-a-sign.htm3,196
  3. 3https://login.sammydress.com2,696
  4. 4login.sammydress.com2,465
  5. 5https://login.sammydress.com/fr/m-users-a-sign.htm676
  6. 6https://login.sammydress.com/pt/m-users-a-sign.htm669
  7. 7https://user.sammydress.com633
  8. 8user.sammydress.com602
  9. 9login.sammydress.com/pt/m-users-a-sign.htm530
  10. 10login.sammydress.com/fr/m-users-a-sign.htm503

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events293
Brazil
Events226
France
Events226
Pakistan
Events108
Spain
Events94
Canada
Events62
Algeria
Events49

Country Breakdown

  1. 1United States293
  2. 2Brazil226
  3. 3France226
  4. 4Pakistan108
  5. 5Spain94
  6. 6Canada62
  7. 7Trinidad & Tobago55
  8. 8Algeria49

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11344
Windows 10 Enterprise x64185
Windows 11 24H2 build 26100 (64 Bit)132
Windows 10 Home x64119
Windows 10 22H2 build 19045 (64 Bit)117

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
21,491
Combolist pools
7
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.