A recent study by Zscaler has unveiled a troubling rise in mobile and IoT security incidents, highlighting vulnerabilities in systems that billions of users depend on for their daily activities, including work and financial transactions.
Alarming Rise in Android Malware
The research revealed a staggering 239 malicious Android applications available on Google Play, which have collectively been downloaded a staggering 42 million times. This surge is part of a broader trend, with Zscaler reporting a 67% year-over-year increase in Android malware transactions. The predominant threats include spyware, banking trojans, and a notable rise in adware campaigns, which now account for 69% of all malware detections. Interestingly, the notorious “Joker” family of malware has seen a decline, now representing only 23% of detections, indicating a shift in attackers’ strategies to monetize mobile access more effectively.
Targeting High-Value Industries
High-value sectors are increasingly becoming prime targets for cybercriminals. The energy sector, in particular, has experienced a staggering 387% increase in attack attempts compared to the previous year. Meanwhile, the manufacturing and transportation industries are also grappling with a significant volume of IoT threats, which account for over 40% of the observed malware activity in this category.
Dominance of IoT Attacks
IoT attacks are heavily influenced by well-known malware families such as Mirai, Mozi, and Gafgyt, which collectively represent approximately 75% of malicious payloads. This trend underscores the ongoing vulnerability of routers, which constitute 75% of all IoT attacks and remain the primary devices exploited for botnet creation and proxy activities.
Geographical Concentration of Mobile Attacks
Mobile attack activities continue to be concentrated in a limited number of countries, raising concerns about the global implications of these threats. As the landscape evolves, it becomes increasingly crucial for users and organizations to adopt robust security measures to safeguard their devices and data.
- Utilize antivirus applications from reputable publishers.
- Enable ransomware protection features when available.
- Conduct periodic malware removal scans to identify hidden threats.
- Avoid unnecessary app installations, even from familiar categories.
- Carefully review app permissions and deny non-essential access.
- Keep Google Play Protect enabled and perform manual scans regularly.
- Steer clear of downloading apps from links in messages, job portals, or social media.
