The underground cybercrime economy is evolving fast—7.7 million endpoint logs were listed on underground markets in 2024, an increase from 6.8 million in 2023 SOTU. Logs are underground slang for username, passwords, and occasionally cookies extracted from a victim endpoint with stealer malware. Threat actors can purchase these logs on the underground and use them to access confidential accounts and data and even to deploy further attacks, such as ransomware. Contact us for a detailed analysis tailored to your company—covering endpoint logs, stolen credentials, and strategies to protect your extended attack surface. Below, explore endpoint log statistics from 2025 and beyond, updated monthly.
Endpoint log victims by country
In the past 12 months, India led all countries with 432102 endpoint logs, or 11.8% of the total. Below are the top endpoint log victims per country.
Top 10 countries
More signal, less noise. Latest cyber threat headlines from Bitsight Pulse.
-
2026-02-03 | Underground forum post offers SIM swap services globallyThe post on an underground forum advertises SIM swap services available for any country, particularly the USA. The service claims…
-
2026-02-03 | Request for M365 logs of large companiesAn individual is seeking valid access or logs to Microsoft 365 (M365) accounts of large companies with over 5000 employees. They …
-
2026-02-03 | Seeking to buy access to various CMS and web server management systemsThe post is an advertisement seeking to purchase access to various CMS, FTP, SSH, RDP, and web server management systems with fil…
-
2026-02-04 | Network Target Finder tool for finding admin panels and vulnerable targetsThe post introduces the Network Target Finder, a tool designed to locate admin panels and vulnerable targets on websites. It is p…
-
2026-02-02 | Custom payment form injection service offered on underground forumA user on an underground forum is offering a service to create custom payment form injections that visually mimic original paymen…
Bitsight Pulse consolidates the latest cybersecurity news, ransomware events and data breaches from hundreds of deep web, dark web, social and OSINT sources. Using Bitsight AI, Bitsight Pulse filters and personalizes these news events to your interests.
Latest cyber threat blogs
Featured blog
Discover a day in the life of threat hunting with Bitsight Adversary Intelligence. Learn how security teams detect and disrupt threats before damage is done.
Get a demo
Real-time cyber threat intelligence
Schedule a demo today and see how Bitsight's cyber threat intelligence solutions can help you prioritize, communicate, and mitigate risk across your extended attack surface.