The underground cybercrime economy is evolving fast with millions of endpoint logs listed on underground markets. Logs are underground slang for username, passwords, and occasionally cookies extracted from a victim endpoint with stealer malware. Threat actors can purchase these logs on the underground and use them to access confidential accounts and data and even to deploy further attacks, such as ransomware. Contact us for a detailed analysis tailored to your company—covering endpoint logs, stolen credentials, and strategies to protect your extended attack surface. Below, explore endpoint log statistics from 2025-2026, updated monthly.
Endpoint log victims by country
In the past 12 months, India led all countries with 310394 endpoint logs, or 13.1% of the total. Below are the top endpoint log victims per country.
Top 10 countries
More signal, less noise. Latest cyber threat headlines from Bitsight Pulse.
-
2026-07-02 | Sale of Forti VPN access on underground forumAn underground forum post is advertising the sale of access to Forti VPN 1200. The access is claimed to be valid and sourced from…
-
2026-07-02 | Sale of Turkish FortiGate VPN access with Super Admin privilegesA post on an underground forum is advertising the sale of access to a FortiGate VPN with Super Admin privileges in Turkey. The ac…
-
2026-07-02 | Selling WordPress access with admin and shell capabilitiesThe post is an offer to sell access to WordPress sites, including admin and shell access. The seller promises a list of domains f…
-
2026-07-02 | Offering strategic intelligence services targeting global logistics and transportation infrastructureAn underground forum post advertises services for persistent access and intelligence collection in global trade logistics and cri…
-
2026-07-02 | High-value engagements targeting global logistics and transportation infrastructure offeredThe post offers high-value engagements targeting global trade logistics and critical transportation infrastructure. It highlights…
Bitsight Pulse consolidates the latest cybersecurity news, ransomware events and data breaches from hundreds of deep web, dark web, social and OSINT sources. Using Bitsight AI, Bitsight Pulse filters and personalizes these news events to your interests.
Latest cyber threat blogs
Featured blog
The threat landscape in 2025 did not get safer; it changed shape. In Bitsight’s annual State of the Underground report we discuss cyber threat trends, key players, attack vectors, and why it all matters.
Free Benchmark Report
Free, customized cyber risk benchmark report
This custom report provides key takeaways regarding your company’s cybersecurity posture (likelihood of breach, industry benchmarks, and threat insights) using Bitsight data that has been independently verified to have the strongest correlation to the likelihood of a cyber incident.