Muddling Meerkat: Infoblox Exposes Chinese State-Linked DNS Threat

Muddling Meerkat: Infoblox Exposes Chinese State-Linked DNS Threat

Infoblox researchers have identified a DNS-based cyber threat called 'Muddling Meerkat,' believed to be linked to a Chinese state actor.
The threat exploits open DNS resolvers globally, generating high volumes of DNS queries to bypass security and manipulate China's Great Firewall.
Muddling Meerkat has been active for five years, mapping open DNS resolvers and using 'super-aged' domains for stealth and control over the Great Firewall.
Indications of ongoing, low-volume Slow Drip DDoS attacks since May 2018 suggest a potential for future large-scale DNS denial-of-service attacks.
Researchers advocate for the removal of open DNS resolvers and caution against using unowned fully qualified domain names for DNS and Active Directory.
The activities of Muddling Meerkat underscore the comprehensive cyber threat posed by the Chinese Communist Party to US critical infrastructure.

Summary based on 5 sources

Get a daily email with more Tech stories

Sources

Chinese threat actor engaged in multi-year DNS resolver probing effort

CSO Online • Apr 30, 2024

Chinese threat actor engaged in multi-year DNS resolver probing effort

Muddling Meerkat Group Suspected of Espionage via Great Firewall of China

Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News • May 1, 2024

Muddling Meerkat Group Suspected of Espionage via Great Firewall of China

New threat actor controlling China’s Great Firewall - APDR

APDR • Apr 30, 2024

New threat actor controlling China’s Great Firewall - APDR

Muddling Meerkat Using DNS As A Powerful Weapon For Sophistication

CybersecurityNews • Apr 30, 2024

Muddling Meerkat Using DNS As A Powerful Weapon For Sophistication

More Stories