
Harvester Deploys New Linux Variant of GoGra Backdoor Targeting South Asia
MalwareCybersecurityBackdoorThreatActors
The threat actor known as Harvester has deployed a new Linux variant of its GoGra backdoor in attacks likely targeting entities in South Asia. The malware leverages the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2) channel to evade traditional network perimeter defenses. Symantec and Carbon Black Threat Hunter teams reported the activity, though no specific dates or CVE identifiers were disclosed. The attack method enables stealthy communication by blending malicious traffic with legitimate Microsoft services. No additional technical details, such as infection vectors or impacted systems, were provided in the report.