xHunt APT: Cyber-Espionage Operations Targeting Kuwait and Exchange Servers

The xHunt APT group has been conducting cyber-espionage operations targeting Kuwait, focusing on shipping, transportation, and government sectors since 2018. They utilize custom tools, often named after anime characters, and employ diverse attack vectors including watering hole attacks and compromises of Microsoft Exchange and IIS servers to deploy backdoors like BumbleBee, TriFive, and Snugy.