VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Harvester advances Linux GoGra backdoor using Microsoft Graph and Outlook

Harvester развивает Linux‑бэкдор GoGra с использованием Microsoft Graph и Outlook

Colleagues, a cybersecurity alert: Harvester has deployed a Linux variant of the GoGra backdoor that leverages Microsoft Graph and Outlook as a covert C2.

Symantec and Carbon Black found artifacts on VirusTotal suggesting possible targets in India and Afghanistan.
Infection is an ELF disguised as a PDF; a fake document is displayed while the backdoor runs in the background.
GoGra accesses the Outlook folder “Zomato Pizza” via OData, searches for emails with subject “Input”, decodes Base64, executes commands, returns results in an “Output” email, then deletes the original task.

Why it matters: attackers exploit legitimate cloud infrastructure, complicating detection.

Which email and Linux endpoint protections do you prioritise?
#cybersecurity #threatintelligence #Linux #emailsecurity

Latest comments

No comments yet.