Infoblox Threat Intel
Savvy Seahorse
Savvy Seahorse is a DNS threat actor that specializes in investment scams that lure victims into creating accounts on fake investment platforms, making deposits into personal accounts, and then transferring these deposits to a bank in Russia. Savvy Seahorse delivers its campaigns through Facebook advertisements and incorporates fake ChatGPT and WhatsApp bots to urge users to enter personal information. It has spoofed legitimate companies such as Apple, Meta, Mastercard, Visa, and Google for investment opportunities.
- Operating since: At least August 2021
- Infoblox discovered: August 2022
- Infoblox published: February 2024
- Prevalence: Uncommon