Transportation and shipping companies in Kuwait are being attacked by a sophisticated threat group that relies on custom tools and malware, new research by Palo Alto Networks shows. The campaign, dubbed xHunt, was first detected in May of this year.
The study found overlaps between some of the infrastructure behind the custom xHunt hacking tools and the campaigns of Iranian state-backed hacking group OilRig (aka APT 35 and Helix Kitten). However, that doesn’t necessarily mean that OilRig is behind the xHunst campaign, nor that the groups are collaborating. The researchers note that timing differences between the xHunt campaign and OilRig activity could simply mean that the infrastructure used by one group in a certain campaign was later discovered and used by the other group.
Read more: Hackers target transportation and shipping companies in new trojan malware campaign
