Victims

Each infostealer infection produces a victim: a single device with credentials, cookies, a system fingerprint and an archive of exfiltrated files. The victims tool is where you explore everything captured from one device.

Where

In-app: /app/victims.

Find a victim

You can land on a victim profile two ways:

• From a stealer log row — click the victim id badge.
• From a breach search row — when the email matches a known device.
• Direct URL: /app/victims/[victimId].

Profile sections

1. Overview — OS, hostname, country, public IP, stealer family, infection date.
2. Credentials — every login captured from this device.
3. Cookies — session cookies grouped by domain.
4. Files — a virtual file tree of everything the stealer exfiltrated.

File tree

Browse like a file explorer. Each file shows size and capture date. Click to view text content inline; binaries show a Download link instead.

Privacy & lawful use

Victim data is sourced from leaked stealer logs already in circulation. SquareBreach is a defender’s lens on that data. By using it you agree to the Acceptable Use Policy.

Credit cost

• 1 credit to load a victim profile (1h cache).
• 0 credits to navigate within the file tree.
• 0 credits to download or view text files.