TECHNOLOGY
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which, for several years, has been targeting users of Android devices based in several middle-eastern countries.
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which, for several years, has been targeting users of Android devices based in several middle-eastern countries.
Using legitimate websites as sources of infection, the campaign appears to be a nation-state backed operation aimed at political organisations, activists and other targets based in the region. Recently, Kaspersky Lab researchers received something that seemed to be a sample of unknown Android-malware. At first glance, the malware appeared to be nothing serious: a technically very simple and straight-forward cyberespionage tool.
Researchers decided to investigate further and soon discovered a far more recent and sophisticated version of the same app. They decided to call it ZooPark. Some of the malicious ZooPark apps are being distributed from news and political websites popular in specific parts of the middle east.
They are disguised as legitimate apps with names like 'TelegramGroups' and Alnaharegypt news among others, recognised in and relevant to some middle eastern countries. Upon successful infection, the malware provides the attacker with the following abilities:
Exfiltration:
Contacts
Account data
Call logs and audio recordings of the calls
Pictures stored on the SD card of the device
GPS location
SMS messages
Installed application details, browser data
Keylogs and clipboard data
Etc.
Backdoor functionality:
Silently sending SMS
Silently making calls
Execution of shell commands
An additional malicious function targets instant messaging applications, like Telegram, WhatsApp IMO; the web browser (Chrome) and some other applications. It allows the malware to steal the internal databases of the attacked apps. For example, with the web browser, this would mean that stored credentials to other websites could be compromised as a result of the attack. The investigation suggests that the attackers are focusing on users based in Egypt, Jordan, Morocco, Lebanon and Iran.
Based on the news topics that the attackers used to lure victims into installing the malware, members of the United Nations Relief and Works Agency are among the possible targets of the ZooPark malware. "More and more people use their mobile devices as their primary or sometimes even only communication device. And that is certainly being spotted by nation-state sponsored actors, who are building their toolsets so they will be efficient enough to track mobile users. The ZooPark APT, actively spying on targets in middle eastern countries, is one such example, but it is certainly not the only one," said Alexey Firsh, a security expert at Kaspersky Lab.
In total, Kaspersky Lab researchers were able to identify at least four generations of the espionage malware related to the ZooPark family, which has been active since at least 2015. Kaspersky Lab products successfully detect and block this threat.
IND vs NZ, 2nd Test Dream11 prediction: Fantasy cricket tips for India vs New Zealand match
How To Prepare For The UPSC CSE 2025 Exam?
'India supports dialogue and diplomacy, not war': PM Modi at BRICS Summit
This woman lost in Dubai's desert orders camel via Uber, netizens say 'your camel has arrived'
Good news for Vijay Shekhar Sharma, Paytm gets NPCI nod to..., shares surge over 7%
Fan requests Rohit Sharma to deliver her message to Virat Kohli, here's how Indian captain responded
Rajkummar Rao recalls being scammed in Delhi during struggle days: 'The man had...'
Robbers pose as customers in jewellery shop, what owner did next will leave you shocked
Maharashtra Elections 2024: NCP releases 1st list of 38 candidates; Ajit Pawar to contest from…
Japanese Shah Rukh Khan leaves Bollywood Badshah's fan impressed, social media says...
Will KL Rahul be retained by LSG ahead of IPL Auction? New report provides BIG update, it says...
'Wayanad will have two MPs': Rahul Gandhi after Priyanka files nomination for bypolls
I Want To Talk teaser: Abhishek Bachchan announces his next with Shoojit Sircar, to release on...
Diwali 2024: When is Deepawali, October 31 or November 1? Check dates, mahurat timings and more
JEE Main 2025 exam date to release TODAY: Know how to register, check exam calendar HERE
Jhalmuri fever hits London: Video of British man selling Kolkata-style street food goes viral, watch
SC slams Centre as Delhi air worsens, calls environment laws...
Ex-cricketer suggests replacing KL Rahul with THIS batsman for 2nd Test vs NZ, he is…
TMC MP Kalyan Banerjee smashes bottle, hurls it towards Chair in row over Waqf meet
Know how Mukesh Ambani and Nita Ambani's children Isha Ambani and Akash Ambani got their names
Family finds venomous snakes under their bed, what happened next will leave you in shock
This company's Vice President gets fired after raise and bonus, reason will leave you shocked
Mukesh Ambani-led Jio Financial eyes JVs with Allianz SE in insurance sector
IMD's BIG update: Cyclone Dana forms over Bay of Bengal, to cross Odisha-Bengal coasts on...
This company gifts cars as Diwali bonus, calls its employees celebrities, is owned by…
Amid divorce rumours with Aishwarya Rai, Abhishek Bachchan skips her family gathering
When Ratan Tata opened up about his parents separation, first love and childhood, he said...
Blow to Mukesh Ambani ahead of Isha Ambani, Akash Ambani's birthday, Reliance stocks...
Saudi Arabia's futuristic megacity project Neom a big threat to migratory birds? Experts say...
Apple CEO Tim Cook didn’t know about this iPhone feature, left speechless, know here
Mukesh Ambani's Reliance Jio offers superhit Diwali plan, unlimited 5G internet for just Rs...
Bengaluru Rains: Schools closed, WFH advisory for private companies as IMD issues yellow alert
Israel confirms killing of Hashem Safieddine, presumed successor of Hezbollah chief Hassan Nasrallah
Big move by Anil Ambani, his company to invest Rs 10000 crore to set up India's largest...
Meet Indian genius, who was born in small town, today leads AI innovations of Google, she is...
Woman stays at luxury resort worth Rs 3 lakh for free, claims she used...
Delhi AQI update: Air quality worsens to 'very poor' level at 349, becomes 'severe' in these areas
PM Modi to hold bilateral talks with Xi Jinping at BRICS Summit today
Odisha, West Bengal brace for Cyclone Dana: How was it named and what it means?
POCSO case: Mumbai Police ask Ekta Kapoor, her mother to appear for questioning tomorrow
Watch: Can you identify all the actors in this clip from 1991?
Priyanka Gandhi to file nomination for Wayanad Lok Sabha bypoll today
Meet woman, whose father used to sell milk, cracked UPSC exam with AIR 62 to become...
Delhi: No water supply in Capital for 12 hours on Friday due to…; check list of affected areas
Salman Khan resumes shooting for Sikandar amid death threats from Lawrence Bishnoi
India, Pakistan extend Kartarpur Sahib corridor agreement for five years
DNA TV Show: What is BRICS currency? Is it possible to introduce it today?
IPL 2025: Three-time IPL champion set to join Gujarat Titans as batting coach - Reports
PM Modi, Xi Jinping to hold bilateral meet on sidelines of BRICS Summit on Oct 23, first in 5 years
New Himalayan snake species named after Academy Award winner Leonardo DiCaprio, it will be called…
Cyclone Dana: Schools closed in West Bengal, Odisha for 4 days from...
Delhi govt to provide special assistance of Rs 5000 monthly to...
Rape-accused Hollywood producer Harvey Weinstein diagnosed with bone marrow cancer
IND vs NZ: Sarfaraz Khan or KL Rahul; Who will find a spot in 2nd Test? India coach says…
Mumbai Police interrogates Ekta Kapoor, her mother Shobha Kapoor in case under POCSO act
Mukesh Ambani may team up with govt to sell food products through...
Bengaluru: Several feared trapped as under-construction building collapses
Best Cheap VPS Hosting Providers: Top Picks for Hosting Under USD 10
Zomato CEO Deepinder Goyal set to raise Rs 8500 crore, says it is meant to...