Zscaler's latest threat report reveals a 67% year-over-year increase in Android malware transactions and finds that 40% of IoT malware activity is concentrated in manufacturing and transportation. The report, covering June 2024 to May 2025, identifies 239 malicious apps on Google Play with a combined 42 million installs and highlights a 387% spike in attacks on the energy sector.

Dario Betti, CEO of the Mobile Ecosystem Forum, unpacks the findings: threat actors are disguising spyware and banking malware as productivity and workflow apps, exploiting the credibility of enterprise use and the expanding mobile attack surface in hybrid work environments. On IoT, Mirai and its variants dominate, while new threats like the "Void" backdoor affecting 1.6 million Android TV boxes and the "Xnotice" RAT targeting oil and gas job seekers underscore the blend of consumer hardware and social engineering.

Geographically, India leads mobile targets at 26%, while the U.S. accounts for 54% of IoT malware traffic. The defensive response requires layered controls—app governance, mobile threat defense, identity-based access, and IoT segmentation—but operational realities like tight IoT cost structures and fragmented firmware support complicate deployment.

Let us know and share your opinions at +44 7770 1962 27 send us SMS, RCS, Viber or WhatsApp and stay ON MESSAGE.

Key topics: Android malware, IoT security, Zscaler threat report, Google Play malware, Mirai botnet, mobile threat defense, zero trust, energy sector attacks, manufacturing security, hybrid work security, device fingerprinting