News
Even Google Calendar is not spared from hackers
Google has warned that there is an exploit that takes advantage of Calendar and that can be a potential attraction for hackers.
- November 7, 2023
- Updated: July 2, 2025 at 12:44 AM
As reported by Google itself (via TheHackerNews), it appears that Google Calendar has now become a service of potential interest to hackers, although it doesn’t seem like they are making much use of it at the moment. To be more specific, those at Mountain View have recently shared a warning about the existence of various threat actors who are sharing a proof of concept (PoC) of a public exploit that takes advantage of the mentioned Calendar to host a command and control (C2) infrastructure.
The tool we mentioned, which appears to be circulating on the deep web, is called “Google Calendar RAT” (GCR). It uses events to establish a C2 communication through a Gmail account. According to the person responsible for this threat, who goes by the name MrSaighnal, this script can create a “covert channel” by exploiting event descriptions in Google Calendar. This allows the attacker to establish a direct connection through Google, as stated by the threat actor. Therefore, with this tool, it is very challenging for security teams to detect the threat.
Google Calendar can become an important tool for hackers
This GCR works by having the compromised machine periodically check the event descriptions in Google Calendar for new commands. When these commands are identified, they are executed on the respective device, as reported by Google itself. Additionally, it is mentioned that once the command is executed, the event description is updated with the output of the said command.
As mentioned earlier, it appears that this GCR has not been used as of today, at least according to Google’s information. However, with this circulating on the internet, it seems to be only a matter of time before someone attempts to exploit it. In fact, Mandiant’s threat intelligence unit has already detected that this tool has been shared through underground forums.
Google Calendar joins other legitimate services as a way for hackers to distribute malware, similar to the case of Google Docs. Google Docs has a sharing function that allows users to enter an email address in the document, notifying the recipient that they have access to the file. In fact, it has been observed that malicious links were embedded in files and distributed through users’ email inboxes. Since these emails came from Google, many users bypassed email protection services.
Avid follower of the video game and technology industry, he has worked with media such as Alfa Beta Juega, Urban Tecno, or Nintenderos. Additionally, he runs a small blog focused on video games, HelGames.
Latest from Fran Pérez
- OpenAI presents ChatGPT Edu, bringing AI to students, teachers, and more
- Threads updates its desktop interface and now you can make it look like TweetDeck
- If you haven’t tried the Windows 11 24H2 update in its preview version yet, this is how you can install it
- Microsoft solves several issues on the Surface Pro 9 5G through a new update
You may also like
NewsThe K-pop warriors will have a sequel after surpassing 325 million views, but you will have to be patient
Read more
NewsThey discover an emotional easter egg in GTAV 12 years after its release
Read more
NewsDante's Inferno, the mythical game for Xbox 360 and PS3, could have had a sequel and its screenwriter reveals all its secrets
Read more
NewsThis English movie is a classic of LGBTIQ+ cinema and you can watch it streaming today
Read more
NewsMillie Bobby Brown, before the premiere of the final season of Stranger Things, pleads with the press to stop talking about her physical appearance
Read more
NewsFrom the director of Bodies Bodies Bodies comes a movie that shows us that weddings can be terrifying
Read more