skip to Main Content
Return to Infoblox Homepage

Infoblox Threat Intel

Loopy Lizard

Loopy Lizard is a DNS threat actor that creates lookalike domains to financial institutions and government organizations for the purpose of phishing user credentials. They primarily target the United States and Australia but have also targeted Western Europe and Canada. Loopy Lizard was identified through DNS because of an anomalous name server configuration. Loopy Lizard was formerly called Open Tangle.

  • Operating since: April 2018
  • Infoblox discovered: June 2022
  • Infoblox published: October 2023
  • Prevalence: Uncommon

Threat actor resources


Infoblox Threat Intel
October 12, 2023

Open Tangle Creates a Phishing Net for Consumers

Learn how a DNS threat actor targets consumers through lookalike domains and manages to operate for over 5 years.

Read more
Back To Top