Back

torrentz.com Domain Breach Exposure Report

Risk Score

Medium Risk

Moderate exposure in standard leak repositories.

AI Findings Summary

Elevated

The telemetry indicates a significant exposure event affecting 1535 clients and 4 employees, primarily driven by 1380 historical data breaches and 159 active infostealer logs. The data suggests that the primary vector involves "Combolist sources" with "Blank Grabber" and "LummaC2" being the most prevalent malware families. The exposure period spans from July 2025 to June 2026, with notable spikes in client compromise during September 2025 and February-March 2026. The targeted service is predominantly "torrentz.com" and its associated profile pages, with North Macedonia being the most frequently observed country of origin for the telemetry.

Total Events

1,539
credential exposure events

Employee Affected Events

4
account email domain = torrentz.com

Client Affected Events

1,535
service target = torrentz.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
5003331670
peak month 407
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events159
Share10%
Data breaches
Events1,380
Share90%
Infostealer logs (10%)
159events
Data breaches (90%)
1,380events

4 compromised employee accounts pose an infrastructure risk, while 1,535 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender39
Avast Antivirus3

Malware Families Distribution

Distribution of Active Stealer Strains

Blank Grabber42
LummaC229
Redline23
Rhadamanthys6
Vidar4
Raccoon3
StealC2
Acreed2

Top Login URLs

Top exposed services found in the event results

  1. 1torrentz.com210
  2. 2torrentz.com/profile180
  3. 3https://torrentz.com147
  4. 4http://www.torrentz.com/102
  5. 5https://www.torrentz.com94
  6. 6torrentz.com/93
  7. 7https://www.torrentz.com/profile91
  8. 8http://www.torrentz.com/profile89
  9. 9www.torrentz.com87
  10. 10www.torrentz.com/profile82

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events5
Egypt
Events5
India
Events4
Brazil
Events4
Sri Lanka
Events3
Tanzania
Events3

Country Breakdown

  1. 1North Macedonia42
  2. 2United States5
  3. 3Egypt5
  4. 4India4
  5. 5Brazil4
  6. 6Slovakia4
  7. 7Sri Lanka3
  8. 8Tanzania3

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 10 Pro13
Windows 10 Enterprise x649
Windows 11 Pro (10.0.26100) x647
Windows 10 Home x645
Windows 10 22H2 build 19045 (64 Bit)4

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
1,378
Combolist pools
2
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.