Cybercriminals are leveraging Registered Domain Generation Algorithms (RDGAs) to create vast networks of fraudulent websites, leading to a significant increase in investment scams and consumer losses.
In 2024, U.S. consumers reported losses exceeding $5.7 billion due to investment scams, marking a troubling rise in online fraud. Central to this surge is the exploitation of Registered Domain Generation Algorithms (RDGAs) by cybercriminal groups, notably those dubbed “Reckless Rabbit” and “Ruthless Rabbit” by cybersecurity firm Infoblox.
Unlike traditional Domain Generation Algorithms (DGAs), which generate numerous domain names with only a few being registered, RDGAs involve the actual registration of all generated domains. This approach allows scammers to create extensive networks of seemingly legitimate websites, making detection and takedown efforts more challenging.
Reckless Rabbit primarily utilizes Facebook ads featuring fake celebrity endorsements to lure victims to fraudulent investment platforms. Their strategy includes creating domains that respond to any subdomain query, effectively cloaking their malicious activities.
Ruthless Rabbit, on the other hand, employs its own cloaking services to screen users before presenting scam content. They often spoof legitimate news sites or impersonate well-known brands like WhatsApp and Meta, enhancing the perceived credibility of their fraudulent platforms.
The psychological manipulation in these scams hinges on exploiting economic uncertainty and manufacturing trust through professional-looking websites and familiar branding. This tactic increases the likelihood of victims falling prey to fraudulent schemes.
To combat this evolving threat, cybersecurity experts recommend heightened vigilance, including skepticism towards unsolicited investment opportunities and the implementation of Protective DNS services that can block access to known malicious domains.
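A defender can check for the wildcard behaviour attributed to Reckless Rabbit above (domains that respond to any subdomain query) by resolving a few random labels under a suspect domain. The sketch below is an added example, not code from Infoblox or the original article; the domain names, addresses and the `sample_resolver` stand-in are constructed for illustration.

```python
import secrets
import socket
from typing import Callable, Iterable, List, Optional

Resolver = Callable[[str], Optional[frozenset]]

def system_resolver(name: str) -> Optional[frozenset]:
    """Resolve via the OS resolver; None means the name did not resolve."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return None
    return frozenset(info[4][0] for info in infos)

def answers_any_subdomain(domain: str, resolve: Resolver = system_resolver,
                          probes: int = 3) -> bool:
    """True only if several random labels under `domain` all resolve."""
    for _ in range(probes):
        label = secrets.token_hex(8)  # 16 random hex chars: not a real host name
        if resolve(f"{label}.{domain}") is None:
            return False              # one miss means no catch-all record
    return True

# Constructed sample zone data (assumption: .example names and
# documentation-range addresses, not real infrastructure).
SAMPLE_ZONES = {
    "wildcard-invest.example": {"*": {"203.0.113.10"}},
    "normal-shop.example": {"www": {"198.51.100.7"}, "mail": {"198.51.100.8"}},
}

def sample_resolver(name: str) -> Optional[frozenset]:
    """Offline stand-in for a resolver, backed by SAMPLE_ZONES."""
    for zone, records in SAMPLE_ZONES.items():
        if name.endswith("." + zone):
            label = name[: -len(zone)].rstrip(".")
            ips = records.get(label) or records.get("*")
            return frozenset(ips) if ips else None
    return None

def triage(domains: Iterable[str], resolve: Resolver = system_resolver) -> List[str]:
    """Return the domains that answer for arbitrary subdomains."""
    return [d for d in domains if answers_any_subdomain(d, resolve)]

if __name__ == "__main__":
    # Runs offline against the constructed zones above.
    print(triage(SAMPLE_ZONES, sample_resolver))
```

Wildcard DNS also has legitimate uses, so a positive result is a triage signal to combine with other evidence such as registration patterns, not a verdict on its own.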