Google Uncovers APT41’s Use of Open Source GC2 Tool to Target Media and Job Sites

siteadmin April 17, 2023

A Chinese state-backed group known as HOODOO (the APT41 of the headline) targeted a Taiwanese media organisation using Google Command and Control (GC2), an open source red teaming tool. The group delivered the tool through a phishing email. Once deployed, GC2 reads its commands from Google Sheets and exfiltrates data via Google Drive. Wider abuse of Google’s infrastructure for malicious activity continues, highlighting the growing vulnerability of cloud services to this kind of misuse.