Findings from the Zscaler ThreatLabz 2025 Mobile, IoT, and OT Threat Report from Zscaler, Inc. uncovered hundreds of malicious apps in the Google Play Store targeting users searching for productivity and workflow apps.
“Attackers are pivoting to areas with maximum impact. We’re seeing a YoY rise of 67% in malware targeting mobile devices and 387% in IoT/OT attacks on energy sectors often hosting critical infrastructure, which is a massive swing,” says Deepen Desai, EVP and chief security officer at Zscaler. “A Zero Trust everywhere approach, combined with AI-powered threat detection, is imperative to reducing the attack surface, limit lateral movement, and provide organizations the defense they need against ever-evolving attacks.”
Key takeaways:
· The report reveals is a 67% year-over-year increase in Android malware transactions, reflecting the continued risks of spyware and banking malware.
· ThreatLabz researchers identified 239 such applications hosted on the Google Play Store, which were collectively downloaded 42 million times.
· A key distribution channel for this malware was the "Tools" category, disguising malicious applications as productivity and workflow tools. This tactic capitalizes on users' trust in functionality-driven applications, a trust particularly strong in hybrid and remote work settings where mobile devices are integral to professional tasks.
· Manufacturing remains a top target for mobile and IoT attacks.
· In the IoT landscape, the manufacturing and transportation sectors continue to be the most frequently targeted verticals. This year, each sector accounted for 20.2% of all observed IoT malware attacks, collectively representing over 40% of total incidents. This marks a shift from 2024, when manufacturing alone represented 36% of total incidents, followed by transportation at 14%. This suggests that while manufacturing remains a critical target, threat actors are increasingly diversifying their efforts across other high-dependency IoT industries.
· Mobile attacks cluster in India, United States and Canada; United States is the IoT threat epicenter at 54%.
· Worldwide mobile threats have surged, with the majority of these attacks concentrated in three key regions: India, accounting for 26% of all mobile attacks, the United States at 15%, and Canada at 14%. India, in particular, experienced a significant 38% increase in mobile threat attacks compared to the previous year.
· Threat actors are abandoning card-focused fraud in favor of mobile payments.
