"'Savvy Seahorse' Hackers Debut Novel DNS CNAME Trick"
A threat actor is conducting an investment scam using a Traffic Distribution System (TDS) that leverages the Domain Name System (DNS) to keep its malicious domains changing and resistant to takedowns. The "Savvy Seahorse" threat actor impersonates well-known brand names and uses Facebook ads in nine languages to trick victims into creating accounts on a fraudulent investing platform. Once victims add money to their accounts, the funds are transferred to what is believed to be an attacker-controlled account at a Russian state-owned bank. According to the Federal Trade Commission (FTC), US consumers lost $4.6 billion in investment scams in 2023 alone, making it a common type of scam. What distinguishes Savvy Seahorse is the infrastructure that supports it. This article continues to discuss Savvy Seahorse hackers' DNS CNAME trick.
Dark Reading reports "'Savvy Seahorse' Hackers Debut Novel DNS CNAME Trick"
Submitted by grigby1