This is a public service announcement. Warning do not subscribe or make any contact to these type of website.

While malware/ransomware continue to cause headache to the IT Industries, there's another type of digital attacks that is proven to cause direct physical and mental harms to the victim. I'm talking the thin line of the grey area of money lenders.

Life is hard these days for certain sectors in community in this pandemic Era. With rampage of poverty, jobless, the will to live. Certain parts of the society have been targeted and exploited by various hand inside this country.

As part of my research/studies in order to "improve my whatever skillsets" is to harnest  spidering/crawling  type of digital entity exist servicing the regional market especially Malaysia.

It bugs me enough when one of my spiders suddenly caught on this domain

24hourloan.com.my ??

A 24 hour loan services and the domain is registered with Mynic!!!

The website looks very professional.

Nice template

They even have a "legit alliance and addresses"

Looks nice right?

Let's begin our investigation. Since the domain is belongs ends with .com.my so a simple whois with mynic should reveal the owner.

A quick whois shows that it was register to EL Aircond & Eletric Services!!! Huh weird. What does an Aircond services got to do with Money Lending? Weird right but welcome to my country

It get's more interesting since when you look at the SSM Info, the principle business is not  in KL but in Batang Kali Selangor!! Plus their sole purpose of business is for aircond services not money lending at all!!!!

Worst depa guna orang Melayu (they use a Malay people)

To investigate further:

Let's run the a reverse resolve on the IP.

And it will points to these website:

....

IP  Whois result shows that the server is hosted in Malaysia.

Lesson Learn

It's not enough just to deal with the usual exploits. There are certain parts of the society that is vulnerable to this type of  cloud alluring services. (Blacklisted, urgent money for health, education , etcx3).  I'm not sure but there should be a stringent check by hosting provider/ domain provider / mynic when it comes to these type of  cloudy issues.

So the final question what can we do to solve this problem? Police report? PPIM? Goverment Intervention? No Idea the best is to avoid getting involves with this hanky panky folks.

To those who have fallen into money problem , be constant vigilance.

BNMTELELINK (Customer Contact Centre)
Tel: 1-300-88-5465
Fax: (03)2174 1515
Email: bnmtelelink@bnm.gov.my

To submit enquiries or complaints, type 15888
BNM TANYA [your enquiry/complaint]

BNMLINK (Walk-in Customer Service Centre)
Block D, Bank Negara Malaysia
Jalan Dato' Onn
50480 Kuala Lumpur
(Business hours: Monday - Friday, 9:00 am - 5:00 pm)