
Threat Group Cards: A Threat Actor Encyclopedia

Tool: ZooPark

Names: ZooPark
Category: Malware
Type: Backdoor, Info stealer, Credential stealer, Exfiltration
Description: (Kaspersky) Kaspersky Lab has been following this malware since 2015, and it has learned a plethora of new tricks since then. The current, fourth version of this Trojan can steal almost any information from your smartphone, from contacts to call logs and info you enter by keyboard. Here is the list of data that ZooPark can collect and send to its owners:

• Contacts
• User account information
• Call history
• Call audio recordings
• Text messages
• Bookmarks and browser history
• Browser search history
• Device location
• Device information
• Information on installed apps
• Any files from the memory card
• Documents stored on the device
• Information entered using the on-screen keyboard
• Clipboard information
• App-stored data (for example, data from messaging apps such as Telegram, WhatsApp, and imo, or the Chrome browser)

In addition, ZooPark can take screenshots and photos, and record videos on command. For example, it can take a picture of the phone’s owner from the front camera and send it to its command center.
Information:
<https://www.kaspersky.com/blog/zoopark-attacks/22389/>
<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/05/03114450/ZooPark_for_public_final_edit.pdf>
<https://securelist.com/whos-who-in-the-zoo/85394>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/apk.zoopark>

Last change to this tool card: 13 May 2020


All groups using tool ZooPark

APT groups

| Changed | Name | Country | Observed |
|---|---|---|---|
| | ZooPark | [Unknown] | 2015 |

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
