A new APT group, named Harvester by security researchers, is reportedly attacking telcos, IT companies, and government sector targets in a campaign that has been running since June. The group is likely a nation-state-backed entity and is using custom malware and stealthy tactics, according to researchers. The group has a variety of advanced tools and seems to be on a mission to carry out espionage activities in Afghanistan and elsewhere in the Middle East.
As of October, the campaign was still ongoing, according to researchers. It appears that the hackers are seeking to dig up sensitive data rather than achieve financial gain. The APT boasts a range of tools designed to cut through an organization’s cybersecurity defenses, including the custom Graphon backdoor. Graphon is deployed alongside other tools, including ones that take screenshots and downloaders for malware. Together, these tools offer a host of remote access and data exfiltration capabilities.