India Faces 28% Of Global Mobile Malware Threats, Tops Global Rankings: Report
The report analysed a dataset comprising over 20 billion threat-related mobile transactions and associated cyber threats, between June 2023 to May 2024.
India has emerged as the most targeted nation globally for mobile malware attacks, surpassing the United States and Canada, according to the Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report.
With a startling 28% of the world's total mobile malware incidents occurring in India between June 2023 and May 2024, the country has moved up from its previous third-place ranking.
The Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report analysed a dataset comprising over 20 billion threat-related mobile transactions and associated cyber threats between June 2023 and May 2024.
"The United States accounts for 27.3% of the world's total mobile malware incidents, and Canada accounts for 15.9%. This significant jump from its third place ranking last year underscores the critical need for Indian enterprises to adopt robust security measures, especially amid the rapid digital transformation and increasing cyber threats," the report said.
On a positive note, India has improved its ranking as a malware origin point, moving from 5th to 7th place in the APAC (Asia–Pacific) region.
With nearly half of mobile attacks being trojans (malware that tricks users into downloading and running malicious software), the financial sector is particularly vulnerable. The report revealed a 29% increase in banking malware attacks and a staggering 111% rise in mobile spyware attacks.
"Most financially motivated malware attacks are highly capable of bypassing multifactor authentication (MFA) and frequently leverage phishing vectors, such as fake login pages for different financial institutions, social media sites, and crypto wallets," it said.
Phishing attempts targeting mobile customers of major Indian banks, such as HDFC, ICICI, and Axis banks, have increased, according to ThreatLabz analysts. These clever attacks deceive mobile users into disclosing critical bank information by using phoney banking websites that closely mimic the real ones, it said.
Previously, similar tactics were used to spread Android-based phishing malware through fake card update sites, leading to widespread financial fraud.
The Indian postal service has also become a target for attackers. Using SMS messages, they direct mobile users to phishing sites that prompt them to input credit card details. These fraudulent schemes often exploit common scenarios like missing packages and incomplete delivery addresses, capitalising on the urgency created by such messages, the report noted.
Legacy systems and unprotected IoT/OT (Internet of Things/Operational Technology) environments are becoming prime targets for cybercriminals. We see a significant rise in hacking campaigns targeted at these environments.
"It is necessary for Indian enterprises to adopt a robust zero-trust security framework to secure their core operational environments. This will not only protect critical systems but also ensure business continuity in an increasingly connected world," said Suvabrata Sinha, CISO-India, Zscaler.
The report also indicated a concerning global trend, with over 200 malicious applications discovered on the Google Play Store and a 45% year-over-year increase in IoT malware transactions, underscoring the pervasive nature of cyber threats today.
(With inputs from PTI)
