According to Infosecurity Magazine, Zscaler’s ThreatLabz 2025 report reveals a 67% increase in Android malware over the past year. Between June 2024 and May 2025, researchers analyzed over 20 million mobile requests and found 239 malicious apps that slipped past Google’s filters. These apps were downloaded a staggering 42 million times from the official Play Store, with productivity and workflow tools being the most common disguises. The manufacturing and energy sectors were hit hardest, with energy sector attacks surging 387% annually. India accounted for 26% of malicious mobile traffic, followed by the US at 15% and Canada at 14%. Meanwhile, IoT threats were dominated by Mirai malware at 40% and Gafgyt variants at 35% of blocked requests.
The Trust Exploitation Problem
Here’s the thing that makes this particularly concerning – threat actors aren’t just creating random games or flashy apps. They’re specifically targeting productivity and workflow tools that people actually need for remote work. Basically, they’re exploiting our trust in functional software. When you’re trying to get work done, you’re less likely to question whether that PDF converter or file manager might be malicious. And these aren’t obscure apps either – 42 million downloads means these were hitting mainstream audiences who thought they were getting legitimate tools from Google’s walled garden.
Why Certain Sectors Are Getting Hammered
The manufacturing and energy focus isn’t random either. These are sectors where operational technology meets information technology, creating massive attack surfaces. Manufacturing dropped from 36% to about 20% of IoT attacks, but that’s not because it got safer – it’s because other sectors like transportation saw their share jump from 14% to 20%. The energy sector’s 387% explosion in attacks is terrifying when you consider these are often critical infrastructure systems. Attackers are clearly going where the impact hurts most – disrupt energy or manufacturing, and you’re causing real-world chaos, not just stealing data.
The Changing Geography of Threats
India leading with 26% of malicious mobile traffic and a 38% year-over-year surge tells a story about smartphone adoption outpacing security awareness. But the IoT threat landscape looks completely different – the US accounts for over half of all attacks at 54%. That’s a massive concentration. Hong Kong at 15% and Germany at 6% round out the top targets. So we’re seeing two different threat patterns: mobile malware heavily focused on developing markets with massive smartphone growth, while IoT attacks concentrate on developed economies with more connected infrastructure. Different motivations, different victims, same result – everyone’s getting hit.
So What Actually Works Against This?
Zscaler’s Deepen Desai pushes for “Zero Trust everywhere” combined with AI-powered detection, which sounds great in a boardroom but feels increasingly like security buzzword bingo. The reality is that traditional app store scanning clearly isn’t cutting it when hundreds of malicious apps slip through. And the 40% Mirai dominance in IoT threats shows we’re still fighting the same battles from years ago. Maybe the real question isn’t about finding better detection – it’s about why we keep building systems that are so fragile in the first place. When basic productivity apps can harbor malware that infects millions, something fundamental needs to change in how we approach mobile and IoT security from the ground up.
