Latest news with #TOUGHPROGRESS
News18
6 days ago
- News18
Google Calendar Has A Dangerous Malware Threat: What Is It And How It Attacks
Last Updated: Google malware threats are getting wilder but the Calendar app being the ruse to attack businesses is a new method on the check list. Hacker groups are now eyeing your Google Calendar to bypass the device security and steal information. They have devised a dangerous malware called TOUGHPROGRESS that primarily targets government websites and holds them to ransom in exchange for giving them back the access. This is not the first sighting of the malware, and the Google Threat Intelligence team claims the first incident of the APT41 hacking group was reported back in October 2024. Now, the same group is exploiting the Calendar app to breach the system defenses and attack the victims. The details from the cyber security group at Google suggests the malware is directed at targeted systems using the conventional phishing email method. The group sends the pointed email with the objective to get the victim to open the affected website where the malicious ZIP file with PDF and fake images triggers the malware into action. And once the TOUGHPROGRESS malware bypasses all the checks, it tries to access the Calendar app of the victim to not only steal data but take control over the system by sending commands. The fake Calendar app also creates events with data embedded into them. This isn't the first Google product to be targeted by the hacker group. The APT41 group used Google Drive to inflict similar attacks on government entities using Google Sheets and more. Not In Danger Google has strong advice for people to avoid falling prey to these attacks: Expect more details from Google once the severity and impact of the malware campaign is addressed and rectified. First Published:
Hans India
29-05-2025
- Hans India
Chinese Hacker Group APT41 Uses Google Calendar to Spy with New Malware
Google said that a Chinese hacker group called APT41 used a new kind of bad software called TOUGHPROGRESS to spy on governments. This bad software uses Google Calendar in a smart way to send commands and steal information. Here is how it works: The hackers sent emails with a link to a fake file on a government website. When someone clicked the file, it showed a fake document but secretly put bad software on the computer. The bad software talks to the hackers by reading and writing events on a Google Calendar the hackers control. It uses calendar events to send orders and steal data without anyone noticing. The bad software hides itself well to avoid being caught, using tricks like secret codes and running only in the computer's memory. Google found this attack in late 2024 and quickly closed the bad Google Calendar and related accounts to stop the hackers. The companies and governments attacked were told about it. APT41 is a well-known hacker group that has attacked many industries like shipping, media, and technology all over the world. This is not the first time they used Google's tools to hide their attacks — before, they used Google Drive and Google Sheets for spying too.
