From 58e3e5f5d69e9482655c7265e726a1940b569d9c Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Fri, 4 May 2018 10:16:01 +0200 Subject: [PATCH] add ZooPark campaign --- clusters/threat-actor.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index b718a55..13b3926 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -2665,6 +2665,16 @@ "synonyms": [] }, "uuid": "3dddc77e-a52a-466a-bf1c-1463e352077f" + }, + { + "value": "ZooPark", + "description": "ZooPark is a cyberespionage operation that has been focusing on Middle Eastern targets since at least June 2015. The threat actors behind ZooPark infect Android devices using several generations of malware we label from v1-v4, with v4 being the most recent version deployed in 2017.", + "meta": { + "refs": [ + "https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/05/03095519/ZooPark_for_public_final.pdf" + ] + }, + "uuid": "4defbf2e-4f73-11e8-807f-578d61da7568" } ], "name": "Threat actor",