COMPROMISED MACHINES

the all-around infostealer hub.

Join 5,000+ cybersecurity pros for weekly infostealer updates and expert tips about cybercrime intelligence

What are infostealers?

What is an “info-stealer”? (Part Ⅰ)

June 7, 2022

Botnets & Info-Stealers (Part Ⅱ)

July 14, 2022

Botnets & Info-Stealers (Part Ⅲ)

January 1, 2023

BLOG

READ OUR POSTS ABOUT INFO STEALERS

REPORTS

STAY UPDATED WITH OUR INFO STEALER REPORTS

FREE TOOLS

ARE YOU COMPROMISED?

As Seen On

Featured Infostealer Articles →

The Missing Link: How Infostealers Fuel Ransomware Attacks (and Our New Partnership with Ransomware.live)

Inside the Coinbase Cartel: How Infostealer Credentials Fueled a 100+ Company Ransomware Spree

Korean matchmaking service Duo fined over £600,000 over sensitive data leak from Infostealer infection

Original report – https://www.teiss.co.uk/news/news-scroller/korean-matchmaking-service-duo-fined-over-600000-over-sensitive-member-data-breach-17402 Korean matchmaking company Duo has been fined over £600,000 by the country’s data protection watchdog for failing to secure the data of over 427,000 customers during a breach incident in early 2025. Korean matchmaking company Duo

Breaking: Vercel Breach Linked to Infostealer Infection at Context.ai

Infostealers ULP Data Is Burning Out SOC Teams and Killing Automation

Free Infostealer Monitoring: Track Up to 3 Emails, 3 Domains, and 3 Usernames

The Missing Link: How Infostealers Fuel Ransomware Attacks (and Our New Partnership with Ransomware.live)

The Infostealer-Ransomware Pipeline: A New Partnership with Ransomware.live The Missing Link: How Infostealers Fuel Ransomware Attacks (and Our New Partnership with Ransomware.live) In the ever-evolving landscape of cyber threats, understanding the full lifecycle of an attack is crucial for defense. While ransomware deployment represents the devastating final act that grabs headlines, the silent precursor to these intrusions is frequently an

Inside the Coinbase Cartel: How Infostealer Credentials Fueled a 100+ Company Ransomware Spree

Inside the Coinbase Cartel: How Infostealer Credentials Fueled a 100+ Company Ransomware Spree Inside the Coinbase Cartel: How Infostealer Credentials Fueled a 100+ Company Ransomware Spree By Hudson Rock Research Team A rapidly expanding ransomware and extortion group known as Coinbase Cartel has officially claimed over 100 targets. The group, which first emerged in September 2025, has made a name

Korean matchmaking service Duo fined over £600,000 over sensitive data leak from Infostealer infection

Breaking: Vercel Breach Linked to Infostealer Infection at Context.ai

Breaking: Vercel Breach Linked to Infostealer Infection at Context.ai Breaking: Vercel Breach Linked to Infostealer Infection at Context.ai Following the recent confirmation of the Vercel breach, where threat actors claimed to be actively selling stolen corporate data, Hudson Rock has identified the likely point of origin. Our cybercrime intelligence indicates that a very recent infostealer infection of an employee at

Infostealers ULP Data Is Burning Out SOC Teams and Killing Automation

Infostealers ULP Data Is Burning Out SOC Teams and Killing Automation Infostealers ULP Data Is Burning Out SOC Teams and Killing Automation The cybersecurity industry has developed a dangerous dual obsession: unverified automation and using sheer data volume as the ultimate benchmark for success. Vendors routinely boast about monitoring “tens of billions” of leaked records, actively equating raw database size

Free Infostealer Monitoring: Track Up to 3 Emails, 3 Domains, and 3 Usernames

Free Infostealer Monitoring: Track Up to 3 Emails, 3 Domains, and 3 Usernames Free Infostealer Monitoring: Track Up to 3 Emails, 3 Domains, and 3 Usernames Start Monitoring Your Identities for Free We are seeing a massive spike in Infostealer infections across the community lately. It’s critical to understand that these aren’t just old data breaches, they are active infections

INFOSTEALERS WEEKLY REPORT

InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top compromised domains, identify trends in compromised employees and users, and examine the global impact of InfoStealer infections. Stay informed, stay protected, and stay one step ahead of cyber threats with our weekly report and info-stealers statistics.

15,698

Compromised
Machines

2,710

Compromised
Employees

3,602

Compromised
Users

9,386

Compromised
Androids

199,640

Compromised
Domains

TOP DOMAINS COMPROMISED BY INFOSTEALERS

google.com

10,671
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
facebook.com

8,213
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
live.com

6,604
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.facebook.katana

5,031
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
instagram.com

5,000
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.instagram.android

3,922
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
netflix.com

3,429
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
amazon.com

3,208
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
discord.com

3,115
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
apple.com

3,052
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.netflix.mediaclient

2,694
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
paypal.com

2,568
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
steampowered.com

2,313
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
microsoftonline.com

2,299
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
192.168.1.1

2,258
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
mega.nz

2,213
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
twitter.com

2,133
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
roblox.com

2,129
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
linkedin.com

2,018
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
unlocktool.net

1,922
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
github.com

1,886
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
samsung.com

1,873
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
192.168.0.1

1,872
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
openai.com

1,862
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.snapchat.android

1,812
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.discord

1,794
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.spotify.music

1,768
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.roblox.client

1,754
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
spotify.com

1,704
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
amazon.in

1,696
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.facebook.lite

1,599
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.pinterest

1,586
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
xiaomi.com

1,552
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
yahoo.com

1,452
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.facebook.orca

1,448
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
epicgames.com

1,374
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
zoom.us

1,359
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
twitch.tv

1,291
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.twitter.android

1,276
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
riotgames.com

1,254
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
tiktok.com

1,181
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
adobe.com

1,132
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
steamcommunity.com

1,124
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
snapchat.com

960
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
mediafire.com

918
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
com.paypal.android.p2pmobile

905
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
tv.twitch.android.app

885
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
pinterest.com

851
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
rockstargames.com

849
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →
binance.com

818
USERS INFECTED
WITH INFO STEALERS

VIEW MORE →