‘Dangerous’ mobile apps on Google Play hit 42 million downloads, India top target: Report

TOI Tech Desk / TIMESOFINDIA.COM / Updated: Nov 08, 2025, 15:15 IST

Text Size

Small
Medium
Large

A Zscaler report reveals over 42 million installs of malicious apps on Google Play, targeting hybrid work. India faces a surge in mobile attacks, accounting for 26% globally. Critical infrastructure, especially the energy sector, is also under escalating threat, with a 387% attack increase. Cybercriminals are shifting focus from card fraud to mobile payments.

‘Dangerous’ mobile apps on Google Play hit 42 million downloads, India top target: Report

A report from the cloud security company Zscaler has claimed that hundreds of malicious applications were hosted on the Google Play Store, collectively racking up over 42 million installs. The findings, published in Zscaler’s ThreatLabz 2025 Mobile, IoT, and OT Threat Report, says that there’s a global surge in Android malware, with India identified as the world’s top target for mobile attacks.The report, released recently is based on data collected from the Zscaler cloud between June 2024 and May 2025.

Google hits $3 trillion: How Alphabet became the fastest to reach the milestone

Mobile malware increases by 67%

Zscaler’s ThreatLabz researchers say that they have identified 239 malicious applications that were hosted on the Google Play Store, capitalising on the demand for hybrid work tools. The apps were frequently disguised within the "Tools" category as productivity and workflow utilities, leading to 42 million downloads globally, the report claimed.The findings reflect a continuous increase in digital risk, with Android malware transactions seeing a 67% year-over-year increase. This rise is driven by the sustained use of spyware and banking malware.

India leads in mobile attack volume

Globally, mobile threats are heavily concentrated in three major regions, but India bears the largest brunt of the activity. India accounted for 26% of all observed mobile attacks, experiencing a 38% increase in mobile threat attacks compared to the previous year.

In contrast, the United States remains the epicenter for IoT (Internet of Things) attacks, accounting for 54% of that activity, followed by Hong Kong (15%).The report emphasises that cybercriminals are pivoting to sectors where attacks yield maximum impact:Energy sector: The energy sector experienced a substantial 387% increase in attacks compared to the previous year, highlighting an escalating threat to critical infrastructure.Manufacturing and transportation: These two sectors remain the most frequently targeted verticals in the IoT landscape, together accounting for over 40% of total IoT malware incidents. The report also said that hackers are abandoning card-focused fraud in favour of mobile payments.

About the AuthorTOI Tech Desk

The TOI Tech Desk is a dedicated team of journalists committed to delivering the latest and most relevant news from the world of technology to readers of The Times of India. TOI Tech Desk’s news coverage spans a wide spectrum across gadget launches, gadget reviews, trends, in-depth analysis, exclusive reports and breaking stories that impact technology and the digital universe. Be it how-tos or the latest happenings in AI, cybersecurity, personal gadgets, platforms like WhatsApp, Instagram, Facebook and more; TOI Tech Desk brings the news with accuracy and authenticity.

End of Article