Back

softcoin.com Domain Breach Exposure Report

Risk Score

Medium Risk

Moderate exposure in standard leak repositories.

AI Findings Summary

Elevated

The domain softcoin.com has experienced a significant number of data breaches and infostealer events over the past year, totaling 396 incidents. The majority of these events, 316, are classified as historical data breaches, while 80 are active infostealer logs. The timeline indicates a notable increase in client-related events starting in August 2025, with a peak in March 2026, alongside a consistent, albeit lower, number of employee-related events. Malware analysis reveals a prevalence of Rhadamanthys, LummaC2, and Redline infostealers, suggesting a targeted campaign. The primary affected services are related to costuless.softcoin.com and the main softcoin.com domain, with the majority of affected operating systems being Windows 11 24H2. The high volume of data breaches and active infostealer logs, coupled with the use of common infostealer malware families, indicates a substantial risk of credential compromise and potential financial loss. The concentration of events on client-facing services and the high number of client-related incidents suggest that client data may be at risk. Remediation efforts should focus on securing client credentials, investigating the root cause of the data breaches, and enhancing defenses against the identified infostealer malware families, particularly Rhadamanthys and LummaC2.

Total Events

396
credential exposure events

Employee Affected Events

50
account email domain = softcoin.com

Client Affected Events

346
service target = softcoin.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
12080400
peak month 108
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events80
Share20%
Data breaches
Events316
Share80%
Infostealer logs (20%)
80events
Data breaches (80%)
316events

50 compromised employee accounts pose an infrastructure risk, while 346 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

No Data Available

Malware Families Distribution

Distribution of Active Stealer Strains

Rhadamanthys32
LummaC217
Redline7
Vidar2
Remus1

Top Login URLs

Top exposed services found in the event results

  1. 1https://costuless.softcoin.com/programs/costuless/91
  2. 2costuless.softcoin.com/programs/costuless/31
  3. 3softcoin.com26
  4. 4http://www.softcoin.com/17
  5. 5https://costuless.softcoin.com15
  6. 6https://softcoin.com14
  7. 7softcoin.com/14
  8. 8http://www.softcoin.com/p/handler13
  9. 9costuless.softcoin.com13
  10. 10https://www.softcoin.com/12

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

India
Events2
United States
Events1

Country Breakdown

  1. 1U.S. Virgin Islands48
  2. 2India2
  3. 3United States1

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11 24H2 build 26100 (64 Bit)55
Windows 10 Home2

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
284
Combolist pools
32
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.