Severity: High

Category: Cyber Threat

Target: Malaysia TNG eWallet User

Analysis Performed By:

  1. Alif Hakimi , Student (UniKL)
  2. Faez Nazari, Student (UTeM)

Date of Analysis: March 13, 2026

Scope: Technical investigation of phishing infrastructure targeting Malaysian financial services.

Executive Summary

Type Indicator
URL 1 hxxps://ewallet[.]tng-qr[.]it[.]com/2/
URL 2 hxxps://tng-wallet-qr[.]ty-fli[.]com/6/
URL 3 hxxps://bantuan[.]tng-gov-my[.]online/apl
Associated IP/API API/index.php (for URL 1 & 2)
/generate-session, /validate-otp (for URL 3)

Potential Impact Towards CIA

Technical Analysis

Relevant Impact on Successful Attack

Relevant Initial Access

Recommendation