Kaspersky Lab reveals malware that targets Android users through Telegram
Kaspersky Lab has released an announcement and report of a “sophisticated cyberespionage campaign” that goes by the name ZooPark.
The malware has been targeting Android device users based in Middle Eastern countries for years and appears to be a “nation-state backed operation aimed at political organizations, activists and other targets based in the region,” according to the internet security company.
Disguised as legitimate apps, ZooPark was being distributed from news and political websites popular in the region. One of the vectors was Telegram, the popular messaging app with end-to-end encryption, which has just been banned in Iran for “being used to coordinate illegal activity,” according to the Islamic Republic News Agency.
The announcement lists the information that the malware provides the attacker, including everything from contacts to account data, GPS location, SMS messages and more. There is also a backdoor function that allows for silently sending SMS messages and making calls as well as the execution of shell commands.
Researchers at Kaspersky Lab first confused the malware for a simple cyberespionage tool. However upon further investigation they discovered a recent and sophisticated version of the app, which they decided to call ZooPark. They have been able to identify at …read more