Threat actor ZooPark which surfaced in June 2015, is a threat group that focuses on targeting Middle Eastern Countries using several generations of malware of with naming conventions from v1 to v4 with v4 being the latest deployed in 2017. ZooPark focuses on infecting Android devices using Watering Hole attacks. Threat group also hacked several websites which redirects the users to other downloading sites to serve malicious APKs. Some of them were related to “Kurdish referendum” “TelegramGroups” and “Alnaharegypt news”. The group focuses to target Egypt, Jordan, Morocco, Lebanon and Iran for their gains in the recent times with their v4 generation of malware.