Back

vid.me Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain vid.me is associated with a significant number of historical data breaches (11,140 events) and active infostealer logs (1,124 events) over the observed period. The data indicates a substantial exposure of client credentials, with 12,259 client accounts affected. Employee exposure is minimal, with only 5 employee accounts impacted. The primary source of these leaks appears to be combolist sources, suggesting credential stuffing or reuse attacks. Malware families commonly associated with these events include Redline, LummaC2, and Rhadamanthys, all known for their ability to steal credentials and sensitive information.

Total Events

12,264
credential exposure events

Employee Affected Events

5
account email domain = vid.me

Client Affected Events

12,259
service target = vid.me

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
3,0002,0001,0000
peak month 2,841
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events1,124
Share9%
Data breaches
Events11,140
Share91%
Infostealer logs (9%)
1,124events
Data breaches (91%)
11,140events

5 compromised employee accounts pose an infrastructure risk, while 12,259 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender31
Sophos Intercept X1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline232
LummaC2148
Rhadamanthys141
Acreed102
Vidar64
StealC17
RisePro13
Raccoon13
Millenium13

Top Login URLs

Top exposed services found in the event results

  1. 1https://vid.me2,318
  2. 2vid.me2,296
  3. 3https://vid.me/1,978
  4. 4vid.me/1,650
  5. 5https://vid.me/search77
  6. 6vid.me/search60
  7. 7https://vid.me/register56
  8. 8http://vid.me/45
  9. 9vid.me/register42
  10. 10vid.me/dmorgan208939

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events138
Germany
Events86
Brazil
Events43
Bangladesh
Events42
Saudi Arabia
Events34
Egypt
Events29
Philippines
Events29
Indonesia
Events27

Country Breakdown

  1. 1United States138
  2. 2Germany86
  3. 3Brazil43
  4. 4Bangladesh42
  5. 5Saudi Arabia34
  6. 6Egypt29
  7. 7Philippines29
  8. 8Indonesia27

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 10 Enterprise x64106
Windows 11106
Windows 10 Pro62
Windows 11 24H2 build 26100 (64 Bit)61
Windows 10 Home x6450

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
11,136
Combolist pools
4
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.