Google Calendar Now Vulnerable to Hacking Exploits

Google warned Google Calendar users that the application is now not safe from hacking as a new way to remotely control user devices.

Google Calendar now vulnerable to hacking exploits
Alexander Koerner/Getty Images

The Google Calendar RAT (GCR), first uploaded in GitHub in June, is currently being shared in underground forums as a public proof-of-concept (PoC) exploit that uses the calendar to host command-and-control (C2) infrastructure.

GCR developer and researcher Valerio Alessandroni, also known as MrSaighnal, said the program's script uses exploits to leave commands in the event description of the Google Calendar.

"The target will connect directly to Google," Alessandroni said.

How Does the Google Calendar Exploit Works?

C2 infrastructure hackings have became a common mean for cybercriminals today to infect targeted endpoints. However, digital security professionals usually detect anomalies fast and protect individual C2 infrastructures from future cyberattacks.

The Google Calendar exploit enables hackers to bypass this difficulty by leveraging legitimate resources like Google to avoid detection for a longer period of time.

Google Calendar now vulnerable to hacking exploits
Google has revealed security vulnerabilities exploitable through the Google Calendar Google Cloud


Google assured that the exploit has not yet been reported to have been used in wild, but warns possibility that the program can be used by threat actors that abuse cloud-based storages to deliver malware and upload exfiltrated data to unknowing users.

A similar incident has already happened before in 2021 where Cisco reported threat actors using Microsoft Azure and Amazon Web Service "to deploy and deliver variants of malware with information stealing capabilities."

In March, Iranian government-backed hackers have also used macro docs to infect users with a small .NET backdoor, BANANAMAIL, for Windows through Internet Message Access Protocol (IMAP) emails.

Possible Solutions for the Google Calendar Hacking

In its eight Threat Horizons report, Google has promised to improve its architect systems with a more "defense-in-depth approach" to combat more possible vulnerabilities in the future.

The tech giant also plans to enhance its centralized logging and regularly monitor its cloud services programs of any anomalies.
For now, the company advices its users to be careful in accessing their Google accounts for possible online attacks while a system implements better defenses.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics