"Attackers Use Google Calendar RAT to Abuse Calendar Service as C2 Infrastructure"

Google warns of a public Proof-of-Concept (PoC) exploit called Google Calendar RAT (GCR) that uses the Calendar service to host Command-and-Control (C2) infrastructure. Google has yet to observe the use of GCR in the wild, but Mandiant has observed that multiple actors have shared the public PoC on underground forums. The misuse of the Google service makes it difficult for defenders to detect malicious activity. This article continues to discuss threat actors using GCR to abuse Google's Calendar service as C2 infrastructure.

Security Affairs reports "Attackers Use Google Calendar RAT to Abuse Calendar Service as C2 Infrastructure"

Submitted by grigby1

 

Submitted by Gregory Rigby on