Subj : Even Google Calendar isn't safe from hackers any more To : All From : TechnologyDaily Date : Mon Nov 06 2023 21:15:06 Even Google Calendar isn't safe from hackers any more Date: Mon, 06 Nov 2023 21:01:39 +0000 Description: Hackers found a way to abuse Google Calendar to try and spread malware. FULL STORY ====================================================================== Hackers have reportedly found a way to use the Google Calendar as command & control (C2) infrastructure which could create quite a few headaches in the cybersecurity community. One of the bigger challenges for cybercriminals these days is how to get the malware on an infected endpoint to execute the commands theyd like done. To do that, they need C2 infrastructure, usually compromised servers, but the problem is that it never takes long for security pros to discover the ruse and terminate the connection. But if the C2 infrastructure leveraged legitimate resources, such as Google Calendar for example, cybersecurity pros would have a much harder time detecting the attack and terminating the connection. Reading commands via Calendar Now, Google warned the wider security community that a proof-of-concept (PoC) exploit for such a thing is circulating around the dark web. The PoC is dubbed Google Calendar RAT (GCR), and according to the person that built it - alias MrSaighnal - the script will create a covert channel by exploiting the event descriptions in the calendar. "The target will connect directly to Google." When a device is infected with GCR, it will periodically poll the Calendar event description for new commands and run them on the device, Google explained. Then, it will update the event description with new command output. So far, no hackers have been observed abusing GCR in the wild, but with things like these, its only a matter of time. Hackers are increasingly using legitimate cloud services to deliver malware. For example, Google Docs has a share feature that allows users to type in an email address in the document and Google will notify the recipient that they now have access to the file. Some threat actors were observed creating files with malicious links and distributing them to peoples email inboxes this way. As the emails came from Google, they bypassed email protection services. Via TheHackerNews More from TechRadar Pro Worried about your protection? Here is the best ransomware protection software FBI - North Korean Lazarus hackers could be about to cash in millions of stolen Bitcoin Read our list of the best ID theft protection solutions ====================================================================== Link to news story: https://www.techradar.com/pro/security/even-google-calendar-isnt-safe-from-hac kers-any-more --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .