Uptime Hamster: 15d 4h 13mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14

StealthMole: RT by @stealthmole_int: We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks.

Fecha
29 Jun 2026
Actor
stealthmole_int
Tipo
Breach
Pais
Malaysia
Sector
Health
Confianza
high
55
Prioridad analitica
Media

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

1IOCs
0TTPs
stealthmole_intActor
MalaysiaPais
Executive Summary
StealthMole cyber threat intelligence on ransomware, data leaks and criminal underground ecosystems.

Key Points

  • Tweet original en X
  • Perfil de @stealthmole_int

RT by @stealthmole_int: We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks.

StealthMole cyber threat intelligence on ransomware, data leaks and criminal underground ecosystems.


We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks. We also observed that the actor changed usernames multiple times before recently adopting the alias "Mushr00w." In addition, we identified past messages in which the actor used Turkish in a data leak tool channel, providing another potential lead for attribution. Malay Mail (@malaymail) Health Ministry confirms website hack, urges public to use official channels while recovery efforts continue. ebx.sh/a5GaaQ — https://nitter.net/malaymail/status/2070738985282887863#m

StealthMole: RT by @stealthmole_int: We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks.

StealthMole: RT by @stealthmole_int: We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks.


Referencias

Diamond Model

Adversary
stealthmole_int
Ver perfil →
Victim
StealthMole: RT by @stealthmole_int: We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks.
Malaysia
Capability
Breach
Infrastructure
ebx.sh

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
domain ebx.sh observed in tweet VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor stealthmole_int en el blog → Ver stealthmole_int en IntelTracker → URL IntelTracker: nitter.net→ URL IntelTracker: x.com → Fuente OSINT: nitter.net→ Fuente OSINT: x.com → Buscar stealthmole_int en APTTrail → Repositorio APTTrail → Mas incidentes en Malaysia → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes