Infoblox Threat Intel
Loopy Lizard
Loopy Lizard is a DNS threat actor that creates lookalike domains to financial institutions and government organizations for the purpose of phishing user credentials. They primarily target the United States and Australia but have also targeted Western Europe and Canada. Loopy Lizard was identified through DNS because of an anomalous name server configuration. Loopy Lizard was formerly called Open Tangle.
- Operating since: April 2018
- Infoblox discovered: June 2022
- Infoblox published: October 2023
- Prevalence: Uncommon