Any means is good to take control of someone else’s computer, and even the most mundane tools can become a wide open door to achieve this.
Do you use Google Calendar? It is very likely yes, because this Google service is deeply anchored in its ecosystem, very popular and present by default on Android and ChromeOS. As a result, we could expect it to be constantly dissected by hackers of all kinds who, if they find a flaw, could reach a large number of victims.
Unfortunately, this nightmare scenario has just become reality, since a certain Valerio Alessandroni has managed to develop a tool with rather frightening capabilities.
Event descriptions, the Achilles heel of Google Calendar?
Called Google Calendar RAT, this tool exploits descriptions of events in Google’s calendar to create a hidden communication channel, under cover of the American giant’s servers. Once this channel is opened with the victim’s device, the threat actor can discreetly activate remote commands and retrieve a wealth of data.
The infected computer regularly updates Google Calendar, which then continuously synchronizes with Google’s servers and checks whether the description of the infected event has been updated. The script used by Google Calendar RAT creates a chain of instructions, automatically modifying the commands provided by the attacker with new ones.
This flaw is particularly formidable because, as Alessandroni explains, “ the only connections established are with Google servers, which makes the connection completely legitimate “. Additionally, the resources malicious actors need to develop are minimal, since they mainly only need a Gmail account.
An approach that risks becoming democratized
Although the Mountain View firm is aware of this vulnerability, there does not appear to be a fix for the moment. On the other hand, it does not identify any attack using the Google Calendar RAT, although shared by Alessandroni on GitHub since June 2023. The tool also circulates very well on the clandestine forums of the dark web, which shows the interest it arouses among hackers.
For Google, this is quite a rock in the sand, but one that is part of a trend that it has been observing for some time. In a recent report on computer threats, the firm explains: “ Rather than relying on infrastructure that they operate themselves or rent from criminal services, many bad actors are increasingly favoring legitimate cloud services to host their infrastructure “.
This makes it possible to deploy attacks that are difficult to detect, in an environment in which victims feel confident. Worse still, this allows access to information stored on their devices, and therefore to a myriad of personal data. Caution is therefore advised for the moment, if it can really be useful in the case of Google Calendar RAT.
Download
- Ease of use and intuitive interface
- Integration with Gmail and other Google services
- Ability to easily share your calendars with other users
Google Calendar is a free application that allows you to manage all your events and tasks in a simple and intuitive way. This application is available on several platforms and allows you to synchronize your calendars with other people.
Google Calendar is a free application that allows you to manage all your events and tasks in a simple and intuitive way. This application is available on several platforms and allows you to synchronize your calendars with other people.
Source : The Hacker News
A hyper-connected geek and keen on podcasts, I'm always reading or listening to news of all kinds. Between history, tech, politics, music, video games and popular science: all the news (or almost all) arouses my curiosity. Otherwise, I like rock and lofi, game nights that are always too long, good films and guys.
Read other articles
1