• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

The Tale of a Real Malaysian E-mail Spammer Exposed – Webflexx

April 4, 2006

Views: 10,740

[ad]

So a friend of mine received a spam, which is not unusual, but this one was a little different.

This guy is in Malaysia, and the spam he usually receives is from all over the place, mostly US-centric, but this one was targeting Malaysians, Malaysian spammer producing Malaysian spam, is it the first?

I asked for him to forward the mail to me so I could check it out, pretty standard spam.

Malaysian Spam

I then noticed Thunderbird was blocking some external images so I checked the source of the e-mail (The from address was pretty anonymous “eMarketer in Malaysia” [email protected]).

Thunderbird Image Block

The source indeed revealed the location of the imbedded images:

Webflexx Spammer

http://www.webflexx.com/meng/wfx/

Fee Structure
RM288 – 150,000 emails (one day trial)
RM388 – 500,000 emails
RM688 – 1,000,000 emails
RM1376 – 2,000,000 emails
RM2064 – 3,000,000 emails + 1,000,000 emails FREE + ad design FREE!!

Reply with your contact number. Or call Ms Meng 012-205 1591 or Mr Lim 012- 302 3899

It seems this company webflexx does offer spamming services:

Direct E-mail Marketing

“direct email marketing” another term for spam right?

Notice the subdirectory of the spammer is /meng and the registrant of the webflexx domain is also an Ong Meng Foong, no coincidence right?

Webflexx Registration

24-2 Plaza Damansara Jalan Medan Setia 2,
Bukit Damansara,
KL,50490
MY
Tel. +603.22835898

Going up one directory allowed me to browse the /meng directory, quite a nice collection of stuff.

/meng Directory

Browsing through the /meng directory I also found a screenshot of a personal ‘blog’ from Meng Foong.

Meng Foong Blog

Now whilst I couldn’t quite make out the text of the URL I could see the name “Meng’s Fickle Rambling Sessions”, which I of course Googled and found his blog, you can have a read here:

http://omengos.blogspot.com/

Seems like a nice Christian boy…from his blog I also found his Flickr Page (Inactive) and his old Xanga page.

From browsing the sub-directories it seems his clients are sexual based so far, sex toys, condoms and so on.

Kinsei Corporation

Kinsei

I Need House

Ineedhouse

RMXXX

RMXXX

All his spam templates have this ‘disclaimer’ at the bottom:

Note: This email is meant for our potential clients. Should you have received it in error, please reply “unsubscribe” at the subject header. Thank you.

He or a friend named Amanda seems to be a student or ex-student of Help University college and a member of the Christian Fellowship there.

A quick Google Search on his site doesn’t yield much, just a couple more directories nothing interesting (/images and /multimedia).

I know people have to make a living, but spamming is not the way ok.

I hope no-one out there supports these spammers by paying them for these services, and no one of you uses any of these services advertised through spam.

There are plenty of pictures too in the http://www.webflexx.com/meng/ directory, check /tiomans and /kk to see :)

Have fun and remember don’t spam. If you really don’t know why spam is bad, read this.

Note: If you read this post by mistake, please e-mail Darknet with “unsubscribe” in the subject.

Digg This Article

Share
Tweet
Share
Buffer
WhatsApp
Email
0 Shares

Filed Under: Spammers & Scammers Tagged With: email-spam, malaysia, scammers, spam, spammer



Reader Interactions

Comments

  1. Fashionasia says

    April 4, 2006 at 9:15 am

    eh….good spywork!! clap clap, next time i need to do some spywork i know who to look for.

    but….noneed to be so bad la put up his name and personal details all, kesian the fellow.

  2. Dzof says

    April 4, 2006 at 9:25 am

    I agree, good investigative work.

  3. Loong says

    April 4, 2006 at 1:20 pm

    pwned! =)

  4. evilfoo says

    April 6, 2006 at 7:47 am

    Sweet !!… This dude didn’t even disable directory listing for images on his site.

  5. jarra says

    April 6, 2006 at 7:30 pm

    excellent work.
    he even apologised, hahaha
    http://omengos.blogspot.com/2006/04/apologies-to-malaysians-at-large.html
    but still, what he did makes him an *&%#$ !!!

  6. Darknet says

    April 7, 2006 at 4:28 am

    Fashionasia: Well just shows what can be exposed if you aren’t careful..

    evilfoo: He didn’t disable directory listing at all…he’s deleted the directory now though.

    jarra: Seems like he’s closed his blog now.

  7. Andy says

    April 8, 2006 at 4:57 pm

    it’s actually a dudette m- wonder how much flak they got from their personal info being online though.

  8. Christian J. Koch says

    April 12, 2006 at 5:18 pm

    seems his blog and the webflexx site is now offline!! lol

    great work!

  9. WTF! says

    April 18, 2006 at 2:10 am

    WTF!!! Whats the point?!

  10. Danny Foo says

    May 16, 2006 at 3:23 am

    I think that’s one of it exposed. But there are others who do the same and the worst of the lot are the ones selling the information of emails to people. sigh..

  11. Ken Woo says

    November 30, 2006 at 5:48 am

    Webflexx life again!. He try to cheat Google bot to SEO his site with Keyword “Emarketing Malaysia” and “E-marketing Malaysia”. This is the screen shot.
    He Try to spam high keyword density to SEO his website. He really good in SPAM SPAM SPAM!!!!

  12. Ken Woo says

    November 30, 2006 at 5:50 am

    Please goto this image URL : http://static.flickr.com/104/310052679_665c84670a.jpg?v=0 to view here spam skill

  13. Webflexx says

    January 23, 2007 at 1:25 am

    Hi

    I am the webflexx.com owner and I was the one exposed by Darknet. Yes, at one stage I was spamming but all that has stopped already by now. I did apologise for what I did, and I have already stopped.

    I did not steal passwords nor pin numbers, and neither did I cheat anyone of their hard earned money and their innocence. I have never done any of those things. If I did, please bring it up and I’ll try to re-do where I have gone wrong. I was experimenting with a lot of things in the process to learn.

    The Google Bot was not a cheat, I was just experimenting with the codes. I know people enjoy all these juicy news when one is being “exposed” like this. If Google Bot can capture the codes and list us, then it is a point to consider. I was reading all those emarketing articles and was just experimenting with it. Why wan to make a big issue of a learning process here?

    Most of my clients are not sexual-based. INeedHouse is indeed one of the biggest (and perhaps the ONLY) adult store in Malaysia. And being in Malaysia, they are actually promoting safe sex. Perhaps adults activities are rampant everywhere but not in Malaysia. This is a Muslim country. If you do not believe me, simply be in touch with them. Just google INeedHouse and be in touch so that they can tell you the truth too.

    It has almost been one year now since Darknet exposed me. And since then, everything has changed. I no longer conduct any spamming business. Not at all. I have stopped all that when I was first ‘exposed’. And I do not sell any email addresses to anyone.

    We do proper business now, and we do it the right way. I know I have offended spam-victims, but all those have stopped since.

    I do not run from making mistakes, so please hope to get your good understanding on all these things. I am not a cheater.

    If you would like to call me on my mobile, simply call +60-12-205 1591 and let me apologise to you personally. You can also email me [email protected] and let me apologise.

    If you are still unhappy, just contact me. No point going around and studying what is up and what is down and what I have done in the past. All those remain in the past.

    If I can recover from what Darknet did in exposing me like this, why can’t the rest of the world follow suit?

    Once again, please accept my apologies and I am truly sorry.

  14. Webflexx says

    January 23, 2007 at 1:29 am

    To Ken Woo,

    You’re definitely either a Malaysian or a Singaporean. Please be in touch with me. Please let me know if I have offended you.

    You do not have to be too worked out on the keywords spamming in the index page. It was an experiment. Even if I did take those words away from the index page, there are other criterias that Google look into for SEOing a website, definitely not on the density of the keyword alone. If that is the case, then it would be an unfair way for Google to rank each pages, as all a website owner need to do is to repeat each keywords as often as possible.

    Let me make my mistakes and let me learn. Just do not get too worked out over this. Everyone is trying their level best to get to the top 10 of Google.com, so let me learn how to get it done.

    Thanks for your understanding Mr. Ken Woo. If you are still not happy, please be in touch with me.

    To Mr Danny Foo,

    I have also been reading your website and I have learned from you for a few months now. Hope to exchange opinion with you one day. I am not a cheater, a liar, and neither am I a stealer.

    To the world, apologies once again.

  15. Spikyles says

    January 24, 2007 at 7:32 am

    I found this article interesting and decided to test out the process with some of the spam I received. I found almost the exact situation for my spammer, the files, etc… anyone have any suggestions on what to do with the info? Pretty cool though.

  16. Darknet says

    January 24, 2007 at 9:48 am

    Webflexx: Your website services still state you do direct email marketing, so you are still a spammer.

    Spikyles: Report them to the upstream ISP the mail was sent from and the web host for the domain the spam image/site is hosted on that’s about the best you can do.

  17. Webflexx says

    January 24, 2007 at 1:58 pm

    Dear Darknet

    Thanks for bringing this up. I have already taken down that one line. Trust me, we don’t spam anymore. Apologies once again for the misconception given.

    I mean, I have already deleted the line that says we still offer direct email marketing.

    Webflexx.

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Falco - Real-Time Threat Detection for Linux and Containers

Falco – Real-Time Threat Detection for Linux and Containers

Views: 294

Security visibility inside containers, Kubernetes, and cloud workloads remains among the hardest … ...More about Falco – Real-Time Threat Detection for Linux and Containers

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Views: 590

As threat surfaces grow and attack sophistication increases, many security teams face the same … ...More about Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

Views: 555

With more businesses running Linux in production—whether in bare metal, VMs, or containers—the need … ...More about Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

SUDO_KILLER - Auditing Sudo Configurations for Privilege Escalation Paths

SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Views: 590

sudo is a powerful utility in Unix-like systems that allows permitted users to execute commands with … ...More about SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 451

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

AI-Powered Cybercrime in 2025 - The Dark Web’s New Arms Race

AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Views: 676

In 2025, the dark web isn't just a marketplace for illicit goods—it's a development lab. … ...More about AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (228)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (229)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (74)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (235)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,297,506)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,103)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,637)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,691)
  • Password List Download Best Word List – Most Common Passwords (933,521)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,170)
  • Hack Tools/Exploits (673,298)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,182)

Search

Recent Posts

  • Falco – Real-Time Threat Detection for Linux and Containers May 19, 2025
  • Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance May 16, 2025
  • Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked) May 14, 2025
  • SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths May 12, 2025
  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025
  • AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race May 7, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy