← All datasets

CrownLogCloud Stealer Logs 7M

Jul 7, 2026

653,303
Records
1
Files
Jul 9, 2026
Added

A compilation of approximately 7 million credential records harvested by the 'CrownLogCloud' infostealer/credential-harvesting operation, distributed via Telegram (t.me/CROWNLOGCLOUD). The data is formatted as browser-saved credential dumps (URL, Username, Password, Application) captured from Chrome and Edge browsers across multiple victims. Credentials span a wide range of services including Facebook, Netflix, LinkedIn, Microsoft Live, VK, government portals (Ethiopia), and many others. The file contains no single target — it is a multi-victim stealer log compilation.

Data found in this dataset

emailText

Search this dataset

Scoped to this dataset. Fill any combination — results match if any field hits.

Source files

Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.

7M.txt
1 column653,303 rows

File structure

Format: CSV·Delimiter: comma·Has header: yes·Quote: "

Source columnMapped fieldConfidenceLLM assessment
0emailTexthighfree-text column with embedded emails (15/195 cells, 8% density)

Notes: Heuristic auto-detection: header-named PII columns confirmed by data conformance