
China-linked APT deploys new Linux backdoor

The China-linked threat actor Harvester has deployed a new Linux backdoor called GoGra in targeted operations across South Asia.

Sources: 1 verified
Location: South Asia
Updated: Thursday, 23 April 2026 at 12:34 UTC
Synthesis · 1 source
A China-linked advanced persistent threat (APT) group known as Harvester has deployed a previously undocumented Linux backdoor called GoGra in targeted operations across South Asia. The malware leverages the legitimate Microsoft Graph API for command-and-control communication, enabling covert data exfiltration and remote access on compromised Linux systems. This use of legitimate cloud infrastructure complicates network-based detection and represents an evolution in APT tradecraft. The targeting pattern aligns with Harvester's established focus on governmental and diplomatic entities in the region.