Inspiration borrowed from https://github.com/MrSaighnal/GCR-Google-Calendar-RAT rewritten in Javascript. Technique used by APT41, a Chinese cyber threat group. Read original to understand how it works.
In the screenshot below you can see exfil data extracted from the victims computer base64 encoded and labeled with a hash ID with the content in the description field of the calendar
https://github.com/MrSaighnal/GCR-Google-Calendar-RAT
https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics

