LinkSort Stealer Log Compilation #31
Jul 7, 2026
A stealer log compilation labeled 'LinkSort #31' containing credential triplets in the format URL:username/email:password. The data appears to be harvested by infostealer malware from multiple Polish-speaking victims, covering accounts across Steam, Google, Facebook, Discord, Roblox, Twitch, Allegro, Netflix, and many other services. Also includes Android app credential captures. No single target company — this is a multi-target stealer log dump aggregated under the 'LinkSort' series label.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
LinkSort_31.txt3 columns999,840 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | skip | high | contains URLs, app identifiers, or placeholder values (e.g., UNKNOWN) |
| 1 | username | high | contains user identifiers, emails, or generated usernames |
| 2 | password | high | contains password-like strings, hashes, or placeholders |
Notes: Combo list containing URL/app identifiers, usernames/emails, and passwords. Data harvested by infostealer malware from multiple services including gaming platforms, social media, streaming services, and Android apps.