The search giant warns that hackers can use the service to secretly send commands to malware installed on the computer.
The tactic involves disguising “command and control” commands to the malware as legitimate processes, making them harder to detect.
Hackers have used cloud services such as Dropbox and Amazon Web Services for these purposes in the past, and Google Calendar has now been added to the list of potential tools.
According to the report, a cybersecurity researcher with the pseudonym MrSaighnal published a technique that allows Google Calendar to be used as a command and control system.
Malware can regularly connect to a service account, extract and execute commands embedded in the description of calendar events.
Currently, Google has not recorded any cases of its calendar being used for such purposes, but the fact that the concept is being discussed in underground forums shows that there is real interest in such methods.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
