惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

GbyAI
GbyAI
Simon Willison's Weblog
Simon Willison's Weblog
Microsoft Security Blog
Microsoft Security Blog
Y
Y Combinator Blog
The GitHub Blog
The GitHub Blog
Engineering at Meta
Engineering at Meta
F
Fortinet All Blogs
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
A
About on SuperTechFans
Last Week in AI
Last Week in AI
月光博客
月光博客
有赞技术团队
有赞技术团队
P
Proofpoint News Feed
MyScale Blog
MyScale Blog
Martin Fowler
Martin Fowler
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
C
Check Point Blog
U
Unit 42
The Register - Security
The Register - Security
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Hugging Face - Blog
Hugging Face - Blog
阮一峰的网络日志
阮一峰的网络日志
V
Visual Studio Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
D
DataBreaches.Net
WordPress大学
WordPress大学
aimingoo的专栏
aimingoo的专栏
H
Hacker News: Front Page
Recent Announcements
Recent Announcements
C
CXSECURITY Database RSS Feed - CXSecurity.com
Latest news
Latest news
小众软件
小众软件
P
Palo Alto Networks Blog
PCI Perspectives
PCI Perspectives
Security Latest
Security Latest
S
Secure Thoughts
Scott Helme
Scott Helme
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
Threat Research - Cisco Blogs
P
Proofpoint News Feed
M
MIT News - Artificial intelligence
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Google DeepMind News
Google DeepMind News
Recorded Future
Recorded Future
O
OpenAI News
S
Securelist
云风的 BLOG
云风的 BLOG
H
Help Net Security
T
Troy Hunt's Blog

Press Releases

Aston Martin F1 & Zscaler: Speed Meets Security Zscaler Debuts ZAgent and Extends SASE Protection Zscaler report: AI brings lethal precision to cybercrime Zscaler Unites with Tech Leaders to Secure Enterprise AI Zscaler Unveils New Product Innovations to Secure Agentic AI Zscaler Announces Intent to Acquire Symmetry Systems, Inc. Zscaler Partners with GSIs to Launch Project AI-Guardian Zscaler and Alstom mark a decade of Zero Trust transformation to secure a cloud-first, mobile workforce and modernize operations | Zscaler Zscaler Recognized as Google Cloud Partner of the Year - Security Zscaler ZIA Achieves DoW Impact Level 5 Authorization Zscaler Expands Global Sovereignty on Zero Trust Exchange Zscaler & Singtel Singapore Bring Zero Trust Security SEA Zscaler, Together With Bharti Airtel, Announce Launch of AI & Cyber Threat Research Center to Advance Cyber Resilience and Trusted AI Adoption | Zscaler Zscaler Acquires SquareX to Advance Zero Trust Browser Security for the AI Era | Zscaler Zscaler Unveils New Innovations to Secure Enterprise AI Adoption Zscaler 2026 AI Security Report: Trends and Security Issues Zscaler Expands in Malaysia With New Data Center in Kuala Lumpur Dr. Swamy Kocherlakota to Lead Agentic AI Security Engineering Zscaler Appoints Sunil Frida as Chief Marketing Officer Zscaler recognized as AWS Marketplace Partner of the Year Zscaler and Microsoft Partner in Entra Agent ID Partner Ecosystem Zscaler Acquires Innovative AI Security Pioneer SPLX Zscaler Announces New Innovations for Improved Digital Experience Zscaler announces advancements for U.S. Federal Civilian and DoD Zscaler Completes 2024 IRAP Assessment Zscaler and CrowdStrike Expand Partnership for Better AI Security Zscaler Completes Acquisition of Red Canary Ransomware Surges as Attempts Spike 146% IT Resilience Undermined by Lack of Support for Team Wellbeing Zscaler Extends Zero Trust to Cellular Communications for IoT/OT Zero Trust Security Reduces Cyber Insurance Claims Zscaler Achieves ISV Competencies In Three Categories Zscaler Unveils Latest AI Innovations on stage at Zenith Live Zscaler Launches New Solutions at Zenith Live Las Vegas Kevin Rubin Joins Zscaler as Chief Financial Officer Zscaler signed a definitive agreement to acquire Red Canary Zscaler, A Leader Once Again In The 2025 Gartner MQ for SSE Zscaler Leads by Example and Achieves DoD’s CMMC Level 2 Certific Raj Judge to Join Zscaler and Board of Directors Zscaler Leads by Example and Achieves DoW’s CMMC Level 2 Certific Zscaler Listed in AWS “ICMP” for the US Federal Government Zscaler ThreatLabz Uncovers Surge in AI-Driven Cyberattacks ThreatLabz Announces Findings From Its 2025 VPN Risk Report Zscaler Deployed Across T-Mobile Operations Report Finds an Over 3,000% Surge in Enterprise Use of AI/ML Tool Zscaler Introduces Zscaler Asset Exposure Management Survey Reveals Urgent Need to Prioritize Zero Trust Adoption Zscaler Offers Integrated Zero Trust Solution for RISE with SAP Nokia Turns to Zscaler to Modernize Security Architecture Zscaler Finds Over 87% of Cyberthreats Hide in Encrypted Traffic Zscaler Extend Zero Trust to Branches, Factories and Clouds Zscaler Expands Business Continuity Solution for Cloud & Endpoint Zscaler and Okta announced four new cybersecurity integrations Zscaler Identifies Malicious Apps with Over 8M Installs Zscaler Surpasses Half a Trillion Daily Transactions TOYOTA GAZOO Selects Zscaler to Protect Users Globally Zscaler Appoints Security Industry Veteran Adam Geller as CPO Zscaler and CrowdStrike announce new cyber security integrations Zscaler Opens New Point-of-Presence in Western Australia
Zscaler Reveals 67% Jump in Android Malware & 40% of IoT Attacks
2025-11-05 · via Press Releases

Key Findings:

  • Critical infrastructure in the energy sector experienced a 387% increase in attacks compared to the previous year
  • India continues to be the top target for mobile attacks, with 26% of activity
  • The US remains the top target for IoT attacks, with 54% of activity

San Jose, Calif., Nov. 5, 2025 – Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published the findings of its Zscaler ThreatLabz 2025 Mobile, IoT, and OT Threat Report, outlining how threat actors are leveraging malware attacks and constantly evolving their tactics. The report uncovered hundreds of malicious apps in the Google Play Store that have been downloaded over 40 million times, targeting users that are searching for productivity and workflow apps. Based on Zscaler's mobile telemetry dataset, the ThreatLabz team identified several emerging mobile threats and new malicious activity, providing valuable insights to help enterprises stay ahead of attackers in a mobile-first world. 

Hundreds of malicious apps downloaded over 40 million times

Similar to last year, this year we again saw threat actors developing and releasing malicious applications targeting trusted marketplaces and hybrid work environments. The result, which the report reveals is a 67% year-over-year increase in Android malware transactions, reflects  the continued risks of spyware and banking malware. ThreatLabz researchers identified 239 such applications hosted on the Google Play Store, which were collectively downloaded 42 million times.

A key distribution channel for this malware was the "Tools" category, disguising malicious applications as productivity and workflow tools. This tactic capitalizes on users' trust in functionality-driven applications–a trust that is particularly strong in hybrid and remote work settings where mobile devices are integral to professional tasks.

Manufacturing remains a top target for mobile and IoT attacks

ThreatLabz's analysis of Android attack volumes reveals that the Manufacturing and Energy sectors remain prime targets for cybercriminals due to the potential for significant returns. Notably, the energy sector experienced a substantial 387% increase in attacks compared to the previous year, highlighting an escalating threat to critical infrastructure and greater exploitation of vulnerabilities within these essential industries.

In the IoT landscape, the Manufacturing and Transportation sectors continue to be the most frequently targeted verticals. This year, each  sector accounted for 20.2% of all observed IoT malware attacks, collectively representing over 40% of total incidents. This marks a shift from 2024, when Manufacturing alone represented 36% of total incidents, followed by Transportation at 14%. This suggests that while Manufacturing remains a critical target, threat actors are increasingly diversifying their efforts across other high-dependency IoT industries.

Most prevalent IoT malware

Roughly 40% of blocked transactions are linked to the Mirai family alone, and Mozi has overtaken Gafgyt as the second highest malware family. Together, Mirai, Mozi, and Gafgyt account for roughly 75% of all malicious payloads in IoT environments.

Mobile attacks cluster in India, US and Canada; US is the IoT threat epicenter at 54 percent

Worldwide, mobile threats have surged, with the majority of these attacks concentrated in three key regions: India, accounting for 26% of all mobile attacks, the United States at 15%, and Canada at 14%. India, in particular, experienced a significant 38% increase in mobile threat attacks compared to the previous year. 

The top five countries that receive the most mobile malware traffic are: 

  • India (26%)
  • United States (15%)
  • Canada (14%)
  • Mexico (5%)
  • South Africa (4%)

The report also revealed that the US is both a hub for IoT activity (54.1%) and a primary target for malware attacks. The top five countries that receive the most IoT malware traffic are:

  • United States (54%)
  • Hong Kong (15.%)
  • Germany (6%)
  • India (5%)
  • China (4%)

“Attackers are pivoting to areas with maximum impact. We’re seeing a YoY rise of 67% in malware targeting mobile devices and 387% in IoT/OT attacks on energy sectors often hosting critical infrastructure, which is a massive swing,” said Deepen Desai, EVP and Chief Security Officer at Zscaler. “A Zero Trust everywhere approach, combined with AI-powered threat detection, is imperative to reducing the attack surface, limit lateral movement, and provide organizations the defense they need against ever-evolving attacks.”

Additional highlights and new findings this year

  • A new backdoor called Android Void malware has infected 1.6 million Android-based TV boxes, primarily in India and Brazil
  • New Remote Access Trojan (RAT), Xnotice, was identified for targeting job seekers in the oil and gas industry, particularly in MENA
  • Adware overtook the Joker malware family as the top mobile threat, with a leading 69% of cases, while Joker dropped to 23% of cases, from 38% last year
  • Threat actors are abandoning card-focused fraud in favor of mobile payments

Defending against growing IoT, OT and Mobile threats

Zscaler Zero Trust Branch delivers comprehensive security and operational efficiency for branch offices, remote sites, and distributed networks, designed for environments that rely heavily on mobile, IoT, cellular IoT, and OT technologies. Using a cloud-native and AI-driven Zero Trust architecture, Zscaler aims to ensure all users, devices, and applications are safeguarded with continuous real-time verification and robust policy enforcement, regardless of their location relative to the traditional network perimeter.

Zscaler Cellular offers secure, scalable, and efficient connectivity as a service for IoT and mobile devices that rely on cellular connections. This solution, powered by the Zscaler Zero Trust Exchange™ platform, addresses the growing security challenges posed by billions of IoT devices and mobile endpoints, which traditional security methods often fail to secure effectively. It achieves this by enforcing granular policies, providing centralized visibility, and eliminating attack surfaces for all cellular traffic.

Download your copy

The 2025 Mobile, IoT, and OT Threat Report highlights the critical importance of securing mobile endpoints, IoT devices, and OT systems. Access the full report at https://www.zscaler.com/campaign/threatlabz-mobile-iot-ot-report

Research Methodology

Mobile

The research methodology for this report includes analysis of mobile transactions and associated cyberthreats based on data collected from the Zscaler cloud between June 2024 and May 2025. The dataset comprises more than 20 million threat-related mobile transactions.

IoT/OT

The team focused their research on understanding the distinct attributes and activity of IoT devices via device fingerprinting (DFP) and analyzing the IoT malware threat landscape.

Device fingerprinting data from March 2025 to May 2025 included:

  • A complete inventory of devices, including device types and manufacturers
  • The volume and source of IoT device transactions
  • The industries and geographies contributing to IoT traffic

IoT malware threat data from June 2024 to May 2025 included:

  • The most active malware families
  • The industries and geographies most targeted by IoT attacks
  • The top attacked devices