42 Million Downloads: Google Apps Infected With Malware
▼ Summary
– Android malware increased 67% over the past year, with 239 malicious apps bypassing Google Play store filters and being downloaded 42 million times.
– Productivity and workflow apps in the “Tools” category were commonly used by threat actors to exploit user trust and remote work needs.
– Manufacturing and energy sectors were most targeted, with energy experiencing a 387% annual increase in mobile attacks, while India, the US, and Canada accounted for most malicious traffic.
– Mirai and Gafgyt malware families dominated IoT threats, accounting for 40% and 35% of blocked requests, with manufacturing and transportation as the top targeted sectors.
– Zscaler recommends a Zero Trust approach combined with AI-powered threat detection to reduce attack surfaces and defend against evolving threats.
A significant surge in malware targeting Android devices has been documented, with security experts reporting a 67% increase over the past year. Hundreds of dangerous applications managed to infiltrate the official Google Play store, bypassing the platform’s security measures. According to the comprehensive ThreatLabz 2025 Mobile, IoT, and OT Threat Report from Zscaler, which analyzed more than 20 million mobile requests, 239 malicious apps were downloaded a staggering 42 million times after slipping through Google’s defenses.
Many of these harmful programs were disguised as productivity and workflow utilities, strategically placed within the “Tools” category. Cybercriminals effectively capitalized on user trust in functional software, especially applications perceived as useful for remote work environments. This tactic proved highly successful in deceiving users into installing the compromised apps.
The manufacturing and energy sectors emerged as the primary targets for these mobile-based attacks. Alarmingly, the energy industry experienced a 387% annual increase in mobile attacks, highlighting a focused assault on critical infrastructure. Geographically, India generated the largest share of malicious mobile traffic at 26%, followed by the United States at 15% and Canada at 14%. India also saw its threat volume jump by 38% compared to the previous year.
In the realm of Internet of Things (IoT) threats, the Mirai malware family was responsible for 40% of all blocked requests. The Gafgyt variant accounted for another 35% of these threats. Manufacturing and transportation sectors were the most frequently impacted verticals for IoT malware attacks, each representing approximately one-fifth of all observed incidents. This signifies a notable shift from the previous year’s distribution of attacks.
The United States was the foremost target for IoT threat activity, enduring over half of all attacks at 54%. Hong Kong followed at a distant 15%, with Germany, India, and China accounting for 6%, 5%, and 4% respectively. Deepen Desai, EVP and Chief Security Officer at Zscaler, commented on the alarming trends, noting that attackers are deliberately focusing on areas where they can achieve maximum disruption. He emphasized that a comprehensive Zero Trust strategy, enhanced by AI-powered threat detection, is now essential for organizations to reduce their attack surface, prevent lateral movement of threats, and defend against these continuously evolving cyberattacks.
(Source: Info Security)
