LinkSort Stealer Log Compilation #65
Jul 7, 2026
A stealer log compilation labeled 'LinkSort #65' containing credential pairs in URL:username:password format. The data appears to be aggregated from infostealer malware logs across multiple victims, covering a wide variety of services including Google, Facebook, Steam, Roblox, Discord, Minecraft, Wargaming, Spotify, and others. Victims appear to be from multiple countries including Germany, Malaysia, Hungary, and Indonesia. This is not a breach of a single organization but rather a compiled dump of stolen credentials from individual victims' infected devices.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
LinkSort_65.txt3 columns999,896 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | skip | high | contains URLs or app identifiers |
| 1 | username | high | various user identifiers including emails, phone numbers, and usernames |
| 2 | password | high | values look like passwords/hashes |
Notes: Combo list containing URL/application identifier, username (often email), and password. Username field contains PII such as email addresses, phone numbers, and usernames. Password field contains plaintext passwords and password hashes.