Reckless Rabbit lures victims into investment scams through malicious Facebook advertisements that lead to fake news articles with embedded web forms for personal information collection. They create domains using RDGA patterns, including random characters and English words, and configure wildcard DNS responses to obscure their active subdomains. The actor employs validation checks to filter out traffic from specific countries, enhancing their operational security. Their investment scam platforms often feature fake endorsements to increase credibility among potential victims.
References
Actor metadata imported from Malpedia (Fraunhofer FKIE).