Back

zhulong.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain zhulong.com has experienced a significant number of data breaches, totaling 3,164 events, primarily sourced from combolist data. Additionally, there are 475 active infostealer logs, with Redline, Rhadamanthys, and LummaC2 being the most prevalent malware families. The exposure period spans from July 2025 to June 2026, with a notable increase in employee-related events in early 2026. The majority of targeted services are related to zhulong.com's authentication and forum platforms, with a focus on Windows operating systems. Geographically, the most affected regions include China, Taiwan, and the United States. Given the high volume of historical data breaches and active infostealer activity, this exposure presents a critical risk. The prevalence of combolist sources suggests a high likelihood of credential stuffing attacks and unauthorized access to user accounts. Prioritization should focus on immediate remediation of identified vulnerabilities, enhanced credential management, and proactive threat hunting to mitigate further compromise of employee and client data.

Total Events

3,639
credential exposure events

Employee Affected Events

76
account email domain = zhulong.com

Client Affected Events

3,563
service target = zhulong.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
1,0006673330
peak month 973
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events475
Share13%
Data breaches
Events3,164
Share87%
Infostealer logs (13%)
475events
Data breaches (87%)
3,164events

76 compromised employee accounts pose an infrastructure risk, while 3,563 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

���ް�ȫ����2

Malware Families Distribution

Distribution of Active Stealer Strains

Redline130
Rhadamanthys79
LummaC260
Acreed33
Vidar31
StealC10
Raccoon6
RisePro5
Millenium4

Top Login URLs

Top exposed services found in the event results

  1. 1zhulong.com170
  2. 2https://passport.zhulong.com144
  3. 3passport.zhulong.com134
  4. 4https://zhulong.com128
  5. 5https://bbs.zhulong.com107
  6. 6bbs.zhulong.com104
  7. 7passport.zhulong.com/user/login97
  8. 8http://passport.zhulong.com/user/reg95
  9. 9http://passport.zhulong.com/user/login89
  10. 10https://www.zhulong.com87

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

China
Events144
Taiwan
Events62
United States
Events50
Saudi Arabia
Events23
Malaysia
Events17
Indonesia
Events9
Chile
Events7

Country Breakdown

  1. 1China144
  2. 2Taiwan62
  3. 3United States50
  4. 4Saudi Arabia23
  5. 5Malaysia17
  6. 6Hong Kong SAR China16
  7. 7Indonesia9
  8. 8Chile7

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Pulse Secure3

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11 24H2 build 26100 (64 Bit)86
Windows 1162
Windows 10 Enterprise x6460
Windows 10 Home China21
Windows 11 (Build 26200) (64 Bit)16

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
3,160
Combolist pools
4
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.