Hackers steal your data through Google Calendar; this is the modus operandi

Los hackers They are constantly looking for new ways to expand and diversify their tools. But it is never enough to surprise users. This time, one of the platforms that you least imagine is its new objective.

That’s how it is, Google Calendar It is the new means for hackers to infiltrate users’ devices and thus access their personal information. This was revealed by the company’s Threat Horizons Q3 2023 cybersecurity report.

This is how data can be stolen from Google Calendar

According to the report Threat Horizons Q3 2023, Google Calendar has been used by hackers to access users’ devices. The way this new cyber threat operates is through malware control and command (C2).

Basically, hackers place commands in the descriptions of calendar events to later execute them on the device. Which allows you to create a path for steal data from computers of Internet users.

With this, cybercriminals leave behind the idea of ​​​​creating their own infrastructure for their criminal operations and, instead, rely on legitimate cloud services.

In this specific case, the hackers used the Google Calendar RAT test code (GCR), which an independent developer published on Github 5 months ago. This tool is what allows you to insert commands in the event description field.

Concern grows, as the report highlights that the code used by hackers is hardly traceableas it works through legitimate Google infrastructure.

This is not the first time that a malware command and control (C2) attack has been recorded on cloud storage services. In 2021, the company specialized in cybersecurity, Cisco Talos, reported the use of Microsoft Azure and Amazon Web Service to execute malware capable of information theft.

The tech giant also recorded a similar attack in April 2023. Google’s Threat Analysis Group (TAG) found that a Chinese-backed actor used malicious PowerShell scripts to break into Dropbox to steal data. .

Google states in the informe Threat Horizonscorresponding to the third quarter of 2023, which, so farhas not detected a case where Google Calendar RAT (GCR) has been deployed to infiltrate devices. However, the threat is latent.

The American cybersecurity company, Mandiant, has identified that said code has been shared on several clandestine forumsso interest could be increasing.

YouTube videoYouTube video

#Hackers #steal #data #Google #Calendar #modus #operandi
2024-04-11 21:34:35

Related posts:

Paraná will host the third edition of the International Cassava Fair (Fiman)
Top 5 worst video games of all time
"Discover the Stunning iPhone 14 Colors and Prices in Egypt, Saudi Arabia and UAE with Specs and Fea...
HP Pavilion 14-dv Review Standard notebook PC for home that can be purchased from 100,000 yen or les...
«AI is the most profound technology humanity has ever worked on»
Sony loses 20 billion in market value after the purchase of Activision Blizzard by Microsoft
Charles Martinet will no longer double Mario and will take on a new role - Nintendo
these toilets literally repel excrement

Official list of personal deductions for your annual return

Review and highlights of the first matches of the 1/4 finals of the Europa League | UEFA Europa League

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.