New Report Finds Billions of Leaked Credentials and ULP Files on Dark Web Are Outdated

A recent in-depth analysis by threat intelligence experts sheds critical light on the pervasive issue of outdated and unreliable data circulating on the dark web.

The report, spanning a comprehensive 26-minute read, delves into the world of combolists text files containing username-password pairs and URL-Login-Password (ULP) files, which include associated website URLs alongside credentials.

Despite frequent claims of containing billions of fresh, exploitable records, the study reveals that these datasets are often recycled from historical breaches, autogenerated, or falsely marketed as new leaks.

Secondary Nature of Combolists

This secondary nature significantly diminishes their value as actionable indicators of compromise, posing challenges for cybersecurity defenders who rely on timely and accurate threat intelligence to mitigate risks.

The report uncovers a troubling trend of mislabeling within underground markets, where combolists and ULP files are often advertised as “infostealer logs” datasets directly extracted from infected devices via malware, containing rich contextual data like ...