Technology

Hackers Target Google Calendar with New Malware Attack

NewsFacts Bureau
NewsFacts Bureau
Google Calendar
APT41 Strikes Again: Google Calendar Exploited in Ransom Campaign

New Delhi, May 30, 2025 – Cybersecurity experts have uncovered a new wave of cyberattacks linked to a malicious software named TOUGHPROGRESS, engineered by the notorious hacker group APT41. This alarming malware campaign is reportedly targeting Google Calendar, exploiting the platform to infiltrate high-security systems, particularly government websites—and demand ransom in exchange for restored access.

The findings were revealed by cybercrime investigators working in collaboration with Google’s Threat Intelligence team, who have been monitoring the group’s activities since their first detected attack in October 2024.

How Hackers Are Using Google Calendar as a Weapon

According to Google’s internal cybersecurity division, the attackers are deploying a refined phishing technique. It begins with a deceptive email containing links to websites hosting infected ZIP files. These files, disguised as PDFs and images, trigger the TOUGHPROGRESS malware when opened.

Once active, the malware seeks out the user’s Google Calendar app, injecting malicious commands and even creating fake events embedded with hidden data. This not only allows attackers to siphon sensitive information but also gives them remote control of the compromised system.

APT41 has a known history of targeting Google services. In prior campaigns, the group used platforms like Google Drive and Sheets to distribute malware to government agencies.

Google’s Response and What Users Should Know

Google has confirmed the existence of this security threat but assures users that the Google Calendar-based vulnerability has been patched. The company has already notified potentially affected organizations and emphasized that the malware campaign is no longer active.

Still, the full scope of damage caused by APT41’s campaign remains unclear, as investigations continue.

Cybersecurity Tips from Google 

To prevent falling victim to similar threats, Google recommends the following:

  • Avoid opening links or attachments from unfamiliar sources.

  • Regularly update systems and use trusted threat detection tools.

  • Monitor system access logs for suspicious activity.

TAGGED: , , , , , , , , , , , , , ,
Share This Article
Previous Article Housefull 5 Housefull 5 Goes Wild with Triple Trouble and Cruise Chaos
Next Article Bhool Chuk Maaf Box Office Report Bhool Chuk Maaf Crosses ₹54 Cr Globally in 7 Days

Your Trusted Source for Accurate and Timely Updates!

We're committed to providing accurate and unbiased news as it unfolds, earning the trust of a large audience. Stay informed with our news updates on the latest events and trends, keeping you ahead of the curve.

Popular Posts

Ravi Teja’s Ravana Asura Poster gives you the chills!

Mass Maharaja, and Telugu Cinema's popular actor Ravi Teja will have 10 different looks in

By TheNewsFacts

Infamous Pinki Pramanik’s Biopic in the making

Controversial Athlete Pinki Pramanik's Biopic is in the making. Producer Ashoke Pandit announced the making

By TheNewsFacts

Big Champion Kid Osaka’s Unforgettable US Open 2021 Moments

When the 18-year-old Leylah Fernandez of Canada dismissed defending champion Naomi Osaka at the US

By TheNewsFacts