Rectifyq📃Title: PhishHuntMY] How a Fake eWallet Aid Page Steals Your Telegram Account
📅Date: 2026-03-07
🔗References:
🔖Rectifyq Taxonomies:
- relevancy: 🔴 Highly Relevant
- category: ⚔Threat
- sub-category: campaign-analysis
- target: broad-based
- MY-relevancy: relevant
🔖MISP Galaxies:
- target-information=“Malaysia”
- online-service=“b0c71d51-34fd-47b5-9eb4-dd406ffc607f”
- mitre-attack-pattern=[‘T1555.003’, ‘T1589’, ‘T1656’, ‘T1036’, ‘T1027’, ‘T1598’, ‘T1566.002’]
MISP event uuid: d5db54fc-c17c-41dd-bf0e-051090d68e97
Indicator of Compromise (IoCs)
type,value,comment
sha256, aea32c34b4c7f43766908856ff2ae7e5c1d75c290eb3b4ae37fb60b9a23c486f, 'No sample in VT\r\nLast check:17/03/2026 No sample in VT\r\nLast check:20/03/2026'
url, https://bantuan-ewallet-tng-my65mo.ask88sx.my.id/, ''
url, https://bantuan-tng-ewallet-my-009k.faj8.my.id/, ''
url, https://new-link-update-nhcr52.dwwb41.my.id/, ''
url, https://tng-ewallet-chc5x7.uncategori-v3.my.id/, ''
url, https://tng-ewallet-ch7v1.qx0-b5.my.id/, ''
url, https://tng-ewallet-xvcy8.fast-x9.my.id/, ''
url, https://tng-ewallet-gxk7v3.zx88c.my.id/, ''
url, https://tbg-ewallet-xdt42.qif7.my.id/, ''
url, https://tng-ewallet-chx9m.axf66.my.id/, ''
url, https://tng-ewallet-ex73f.afc88v.my.id/, ''
url, https://tng-digital-bc882x.qx0-b5.my.id/, ''
url, https://bantuan-ewallet-2026.zx88c.my.id/, ''
url, https://tng-digital-cfx008.exc-k7.my.id/, ''
url, https://tng-ewalet2026-vx9.regis-x8.my.id/, ''
url, https://bantuan-tng-ewallet-fj2z8.xxx55.my.id/, ''
url, https://tng-ewallet-ic5s80.zx88.my.id/, ''
url, https://bantuan-tng-ewallet-ckf772f.vip-66dx.my.id/, ''
url, https://bantuan-tng-ewallet-dgp85.saft88.my.id/, ''
url, https://bantuan-ewallet-tng-2025-my76c08.gvw08d.my.id/, ''
url, http://bantuan-ewallet-tng-2025-my76c08.gvw08d.my.id/, ''
Full IOCs available in Rectifyq’s MISP