LinkSort Stealer Log #1
Jul 7, 2026
A credential stealer log dump labeled 'LinkSort#1' containing URL:username:password triplets harvested from multiple victims across dozens of services including Facebook, Google, PayPal, Instagram, Discord, Roblox, VK, and many others. The data appears to originate from infostealer malware (likely a credential harvester or browser password stealer) rather than a single-target breach. Credentials belong to multiple individuals, many appearing to be from Italian, Russian, and Indian contexts based on domains and usernames.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
LinkSort_1.txt2 columns970,269 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | username | high | contains URLs, platform identifiers, 'android://' prefixes, and sometimes 'UNKNOWN' placeholder indicating login fields |
| 1 | password | high | varied formats including plain text, hashes, special characters, and numeric strings typical of passwords |
Notes: Credential stealer log dump containing URL:username:password triplets from multiple services including Facebook, Google, PayPal, Discord, Roblox, VK, etc. Data originates from infostealer malware (credential harvester or browser password stealer) affecting multiple victims across Italian, Russian, and Indian contexts.