Security researchers reported hundreds of fake apps to Google last year, warning that millions of users may have unknowingly infected their devices with malware.
Zscaler made the claim in its ThreatLabz 2024 Mobile, IoT, OT Threat Report, which covers the period from June 2023 to April 2024.
The security vendor discovered over 200 malicious apps on Google Play during that period. Google Play is nominally a safer platform for downloading Android apps than third-party app stores. Together, these apps garnered more than 8 million installs.
Of these, Joker was the most prevalent malware family on the store, accounting for nearly two-fifths (38%) of the malicious apps identified by Zscaler. Joker enables Wireless Application Protocol (WAP) fraud by secretly subscribing victims to premium-rate services without their consent.
Adware came in second place, accounting for 35% of detected malware, followed by Facestealer (14%), which is designed to collect Facebook credentials and hijack accounts.
The ‘Tools’ category is the most exploited by attackers on the Play Store, accounting for almost half (48%) of apps infected with malware. Malicious personalization apps (15%) and photo apps (11%) were also common.
Almost half (46%) of attacks are now Trojan horses, and last year the technology (18%), education (18%), and manufacturing (14%) sectors bore the brunt of mobile malware. In the education sector, attacks increased by 136% annually.
Zscaler said mobile banking malware (29%) and mobile spyware (111%) also saw significant annual growth during the reporting period.
For the first time, India recorded the largest share of mobile attacks (28%), followed by the US (27%) and Canada (27%).
Zscaler’s report also highlights the threat to enterprises from legacy and end-of-life operating systems that often run on OT equipment. These systems often cannot be updated because the underlying hardware is not compatible with the new version, or because they are too mission-critical to take offline for testing and patching.
“Cybercriminals are increasingly targeting legacy public assets that often serve as beachheads into IoT and OT environments, leading to data breaches and ransomware attacks,” said Deepen Desai, CSO at Zscaler.
“With mobile malware and AI-powered vishing attacks joining the list, it becomes important for CISOs and CIOs to prioritize AI-powered Zero Trust solutions to block all types of attack vectors and protect against these attacks.”