Muddling Meerkat, a mysterious DNS operation involving China's Great Firewall

The Muddling Meerkat operation involves China's Great Firewall manipulating DNS records since 2019 and was observed by Infoblox researchers, who noticed a spike in activity in September 2023. The operation uses 'super-aged' domains to avoid blocklists, injects fake DNS responses, and targets MX records of random subdomains to probe networks globally. The attackers aim to evade detection, and their motivations remain elusive; the activity suggests different stages of operations, with questionable queries and odd patterns linked to threat actors like 'ExploderBot'. The report includes IoCs to counter these activities.
https://securityaffairs.com/162564/apt/muddling-meerkat-dns-operation-2024.html