Press release
Zscaler ThreatLabz Reveals 67% Jump in Android Malware and 40% of IoT Attacks Target Critical Industries and Hybrid Work
The Report Reveals 239 Malicious Play Apps with Over 42M User Installs Key Findings: Critical infrastructure in the energy sector experienced a 387% increase
About this update from Zscaler Inc
[{"type":"text","content":"The Report Reveals 239 Malicious Play Apps with Over 42M User Installs\nKey Findings: Critical infrastructure in the energy sector experienced a 387% increase in attacks compared to the previous yearIndia continues to be the top target for mobile attacks, with 26% of activityThe US remains the top target for IoT attacks, with 54% of activity SAN JOSE, Calif., Nov. 05, 2025 (GLOBE NEWSWIRE) -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published the findings of its Zscaler ThreatLabz 2025 Mobile, IoT, and OT Threat Report, outlining how threat actors are leveraging malware attacks and constantly evolving their tactics. The report uncovered hundreds of malicious apps in the Google Play Store that have been downloaded over 40 million times, targeting users that are searching for productivity and workflow apps. Based on Zscaler's mobile telemetry dataset, the ThreatLabz team identified several emerging mobile threats and new malicious activity, providing valuable insights to help enterprises stay ahead of attackers in a mobile-first world. Hundreds of malicious apps downloaded over 40 million times Similar to last year, this year we again saw threat actors developing and releasing malicious applications targeting trusted marketplaces and hybrid work environments. The result, which the report reveals is a 67% year-over-year increase in Android malware transactions, reflects the continued risks of spyware and banking malware. ThreatLabz researchers identified 239 such applications hosted on the Google Play Store, which were collectively downloaded 42 million times. A key distribution channel for this malware was the \"Tools\" category, disguising malicious applications as productivity and workflow tools. This tactic capitalizes on users' trust in functionality-driven applications–a trust that is particularly strong in hybrid and remote work settings where mobile devices are integral to professional tasks. Manufacturing remains a top target for mobile and IoT attacks ThreatLabz's analysis of Android attack volumes reveals that the Manufacturing and Energy sectors remain prime targets for cybercriminals due to the potential for significant returns. Notably, the energy sector experienced a substantial 387% increase in attacks compared to the previous year, highlighting an escalating threat to critical infrastructure ...