📃Title: Analysis of the “Kongsi Rezeki” QR-phishing campaign on Threads social media
📅Date: 2026-02-28
🔗References:

🔖Rectifyq Taxonomies:

🔖MISP Galaxies:

  • target-information="Malaysia"
  • mitre-attack-pattern=['T1531', 'T1588.004', 'T1583.001', 'T1041', 'T1111', 'T1566.002', 'T1598.003']

MISP event uuid: 0b6037c8-d75d-4ba2-a378-7e0a2757a051

Indicators of Compromise (IoCs)

type,value,comment
url, https://tngduitraya14.gbdjw.my/, 'Landing page after QR scan.'
url, https://tngduitraya14.gbdjw.my/go/, 'Data collection page.'
url, https://tngduitraya14.gbdjw.my/API/index.php, 'C2 server for data exfiltration.'
domain, gbdjw.my, 'Malicious Domain.'
hostname, money.gbdjw.my, ''
hostname, tngduitraya.gbdjw.my, ''
hostname, moneypocket.gbdjw.my, ''

Full IoCs are available in Rectifyq's MISP.