Google Calendar has become a weapon for hackers! How is the attack happening with dangerous malware, know the whole truth

Google Calendar: Now the hackers have their eyes on your Google Calendar. A dangerous malware has surfaced named TOUGHPROGRESS and its main target is to attack government websites and blackmail them.

Google Calendar: Now the hackers have their eyes on your Google Calendar. A dangerous malware has surfaced named TOUGHPROGRESS and its main target is to attack government websites and blackmail them. Using this malware, hackers snatch access to the system and then demand ransom in return.

Intelligence report

According to Google's Threat Intelligence Team, this is not the first time TOUGHPROGRESS has come into the discussion. The first incident related to this was reported in October 2024 when a hacker group named APT41 used it. Now this same group is trying to penetrate security systems with the help of apps like Google Calendar.

How does this malware work in Google Calendar?

According to Google's cyber security team, this malware is usually spread through phishing emails. The victim is sent an email containing a link to a suspicious website. As soon as the user opens that link, a ZIP file is downloaded which contains fake PDF and image files. The malware gets activated through these.

Once TOUGHPROGRESS bypasses the security of the system, it gains access to Google Calendar. Then it creates fake events in the app and hides code or commands in them through which it tries to gain control over the system. The APT41 group has previously targeted government departments using platforms like Google Drive and Google Sheets. Now they have also included the Calendar app in their toolkit.

Vigilance is necessary

Google has confirmed that they are aware of this attack and the flaw related to the Calendar app has been fixed. The institutions that were targeted have also been informed. However, Google has not been able to clarify how much damage has been done so far.

Google advised

Never open email links or attachments from unknown senders

Always keep your system and software updated

Use reliable cyber security tools

Keep an eye on system access logs and suspicious activities