Technology

Hackers Target Google Calendar with New Malware Attack

NewsFacts Bureau
NewsFacts Bureau
Google Calendar
APT41 Strikes Again: Google Calendar Exploited in Ransom Campaign

New Delhi, May 30, 2025 – Cybersecurity experts have uncovered a new wave of cyberattacks linked to a malicious software named TOUGHPROGRESS, engineered by the notorious hacker group APT41. This alarming malware campaign is reportedly targeting Google Calendar, exploiting the platform to infiltrate high-security systems, particularly government websites—and demand ransom in exchange for restored access.

The findings were revealed by cybercrime investigators working in collaboration with Google’s Threat Intelligence team, who have been monitoring the group’s activities since their first detected attack in October 2024.

How Hackers Are Using Google Calendar as a Weapon

According to Google’s internal cybersecurity division, the attackers are deploying a refined phishing technique. It begins with a deceptive email containing links to websites hosting infected ZIP files. These files, disguised as PDFs and images, trigger the TOUGHPROGRESS malware when opened.

Once active, the malware seeks out the user’s Google Calendar app, injecting malicious commands and even creating fake events embedded with hidden data. This not only allows attackers to siphon sensitive information but also gives them remote control of the compromised system.

APT41 has a known history of targeting Google services. In prior campaigns, the group used platforms like Google Drive and Sheets to distribute malware to government agencies.

Google’s Response and What Users Should Know

Google has confirmed the existence of this security threat but assures users that the Google Calendar-based vulnerability has been patched. The company has already notified potentially affected organizations and emphasized that the malware campaign is no longer active.

Still, the full scope of damage caused by APT41’s campaign remains unclear, as investigations continue.

Cybersecurity Tips from Google 

To prevent falling victim to similar threats, Google recommends the following:

  • Avoid opening links or attachments from unfamiliar sources.

  • Regularly update systems and use trusted threat detection tools.

  • Monitor system access logs for suspicious activity.

TAGGED: , , , , , , , , , , , , , ,
Share This Article
Previous Article Housefull 5 Housefull 5 Goes Wild with Triple Trouble and Cruise Chaos
Next Article Bhool Chuk Maaf Box Office Report Bhool Chuk Maaf Crosses ₹54 Cr Globally in 7 Days

Your Trusted Source for Accurate and Timely Updates!

We're committed to providing accurate and unbiased news as it unfolds, earning the trust of a large audience. Stay informed with our news updates on the latest events and trends, keeping you ahead of the curve.

Popular Posts

2023 IPL: Big Run-Fests, Shocking Records of Arshdeep Singh & Rohit

Arshdeep Singh, and Rohit Sharma are facing the most disappointing outing in this years 2023

By TheNewsFacts

India crumbles to 109 in 3rd Test, Umesh Yadav’s pinch-hitting helps

Umesh Yadav turned savior for India in 3rd Test. The first day of the third

By TheNewsFacts

Shubman Gill’s Struggles Continue as Wood’s Pace Exposes Vulnerability; Trolled

Shubman Gill, facing immense scrutiny over his Test performance, encountered another setback during the ongoing

By TheNewsFacts