Reckless Rabbit lures victims into investment scams through malicious Facebook advertisements that lead to fake news articles with embedded web forms for personal information collection. They create domains using RDGA patterns, including random characters and English words, and configure wildcard DNS responses to obscure their active subdomains. The actor employs validation checks to filter out traffic from specific countries, enhancing their operational security. Their investment scam platforms often feature fake endorsements to increase credibility among potential victims.
There are currently no families associated with this actor.
2025-04-28 ⋅ Infoblox ⋅ Uncovering Actor TTP Patterns and the Role of DNS in Investment Scams (actors: Reckless Rabbit, Ruthless Rabbit)