The Google Play Store has more than 200 malicious applications that resulted in nearly 8 million downloads onto mobile devices, according to a new report from the cloud security company Zscaler.
With over 95 percent of people accessing the internet using a mobile device, Zscaler’s ThreatLabz 2024 Mobile, IoT, and OT Threat Report signals the urgent need for secure systems. The company’s analysis of mobile and IoT download activity between June 2023 and May 2024 found that financially motivated attacks surged, emphasizing the need for organizations to secure managed and personal devices used for work.
“Cybercriminals are increasingly targeting legacy exposed assets which often act as a beachhead to IoT & OT environments, resulting in data breaches and ransomware attacks,” said Deepen Desai, the chief security officer at Zscaler in a statement. “Mobile malware and [artificial intelligence] driven vishing attacks adds to that list making it critical for CISOs and CIOs to prioritize an AI powered zero trust solution to shut down attack vectors of all kinds safeguarding against these attacks.”
Over 38 percent of malicious apps – often appearing as personalization and photography apps – found on the Google Play Store have “Joker” malware, which silently subscribes users to premium services without their consent. Adware and Facestealer – which specializes in stealing Facebook credentials – are commonly found as malicious apps, according to Zscaler.
Many threats are also financially motivated, the report notes that the Zscaler cloud blocked 45 percent more IoT malware transactions compared to the year before, citing botnets as the driver of the increase.
Banking malware attacks increased by 29 percent, making it “clear that actors are increasingly motivated by the profitability of attacks,” according to the report. Zscaler also notes that many financially motivated malware attacks are “highly capable” of bypassing multifactor authentication and frequently use phishing techniques to do so.
In addition to banking malware, spyware also saw a significant increase, with blocked transactions increasing by 100 percent over the past year. The technology, education, manufacturing, retail, and services sectors received the brunt of the attacks.
IoT and OT threats – which attempt to exploit vulnerabilities in internet-connected devices – also grew in the last year. Zscaler found that the United States remains the top target for IoT botnet attacks, as IoT malware grew by 45 percent.
“As many as 50% of OT devices in many deployments use legacy, end-of-life operating systems that contain known vulnerabilities,” the report says. “This surge in IoT transactions, combined with increased OT system connectivity and the rising threat landscape, underscores the growing complexity and scale of the IoT/OT ecosystem, making it a critical area of focus for security efforts.”
Manufacturing received the most IoT attacks, with transportation and food and beverage following, due to their “extensive reliance on IoT devices, which are often vulnerable to cyberattacks.”
“A single infected IoT device can compromise the entire routable enterprise network— and IoT devices typically lack inbuilt security controls,” says Zscaler. “In response, enterprises will intensify efforts to minimize the attack surface of internet-connected IoT and OT devices. This includes improving security measures that control how these devices connect to larger organizational networks, including by segmenting every device and authorizing every transaction.”
