What happened
India continues to be the top target for mobile attacks with 38 % increase in threats, according to the latest Zscaler ThreatLabz 2025 Mobile, IoT, and OT Threat Report. India accounted for 26 % of global mobile malware traffic, surpassing the United States (15 %) and Canada (14 %). Attackers deployed hundreds of malicious apps, with 239 identified on the Google Play Store collectively downloaded over 42 million times. Malware families such as backdoor and botnet‑style threats like IoT.Backdoor.Gen.LZ and ABRisk.IOTX operate through layered injection techniques, establishing persistent control and command‑and‑control communications on compromised devices. The surge reflects attackers’ focus on hybrid work tools and mobile integrations across industries, especially retail, wholesale, hospitality, manufacturing, and energy sectors.
Who is affected
Consumers and enterprise mobile users across India are directly affected, with industries like retail and wholesale, hospitality, manufacturing, and energy experiencing elevated threat levels.
Why CISOs should care
Mobile malware surges increase risks of data exfiltration, credential theft, and unauthorized access — amplifying endpoint attack surfaces and requiring tighter mobile threat defense and zero‑trust adoption across hybrid environments.
3 practical actions
- Integrate mobile threat defense: Deploy comprehensive mobile threat detection and response across corporate‑managed and bring‑your‑own devices.
- Harden app vetting: Enforce strict controls on app installations, permissions, and corporate app store policies.
- Monitor industry targets: Track industry‑specific threat indicators and prioritize protection for high‑impact sectors based on mobile risk profiles.