t.me
Jul 7, 2026
A stealer log dump sold via Telegram channel @OCTOPUSCLOUDLOGS and threat actor @WASTINGT1M3. Contains credential pairs in URL:username:password format harvested from infostealer malware. Credentials span numerous services including Facebook, Instagram, Google, Steam, Discord, Daraz, Riot Games, and various Pakistani government/education portals. Data appears to originate primarily from Pakistani users. This is not a breach of a single target but a compiled stealer log collection of approximately 586 GB according to the seller.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
URL_2.txt3 columns542,165 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | skip | high | contains URLs, service identifiers, or IP addresses instead of direct PII |
| 1 | high | contains valid email addresses with @ symbol and domain structure | |
| 2 | password | high | contains password-like strings including special characters, numbers, and mixed case |
Notes: Combo list format from OctopusCloudLogs stealer dump containing URL/service:email:password patterns. First field contains service identifiers rather than direct PII.