Chinese APT41 Group Uses Google Calendar to Control TOUGHPROGRESS Malware

In October 2024, Google revealed that the Chinese group APT41 used Google Calendar as a command and control center (C2) to direct its TOUGHPROGRESS malware. This malware targeted various government entities through a compromised website. The attack was discovered by the Google Threat Intelligence Group (GTIG), which identified an exploited government site hosting the malware.