Zimperium, the global leader in mobile security, today announced the release of its 2025 Global Mobile Threat Report, which highlights critical mobile threat trends from the past year. zLabs researchers analyzed threat data to uncover evolving and complex attacks and vulnerabilities found across both mobile devices and mobile apps. 

"As organizations globally have embraced mobile to improve both productivity and customer engagement, cybercriminals have taken notice and have transitioned to a mobile-first attack strategy," said Shridhar Mittal, Chief Executive Officer, Zimperium. "In today's hybrid work environment, where 70% of organizations support BYOD and actively build mobile apps for both employees and customers, reducing the mobile attack surface requires a comprehensive mobile security strategy covering both mobile devices and mobile applications."

Mishing – Remains Top Threat Facing Businesses

While most organizations and security teams are well aware of the dangers posed by traditional phishing, threat actors have begun to look at mobile-targeted phishing (Mishing) as an even more vulnerable attack vector due to the unique features of mobile devices and a lower state of vigilance from both users and organizations. The zLabs researchers found a continued surge in mishing attacks with SMS/text based phishing (Smishing) now 69.3% of all mishing attacks.  PDF phishing has also emerged as a new attack method. Notably, the report reveals that vishing (voice-call phishing) and smishing attacks on mobile devices have risen dramatically (28% and 22%, respectively).

Mobile Malware - Cybercriminals' Continued Weapon of Choice

Malware continues to be the weapon of choice of cybercriminals and advanced persistent threats. zLabs observed a 50% increase year-over-year in use of Trojans in attacks with new banker trojan families discovered including: Vultur, DroidBot, Errorfather and BlankBot. Spyware was categorized as top category in 2024 which is not surprising given the ability to exfiltrate data, including credentials and even one-time-passwords from victims without their knowledge.

Despite Rising Awareness, Mobile App Compromise Continues

The apps downloaded by unsuspecting users can lead to serious consequences if they are not properly assessed for threats, including leakage of sensitive data, as well as trojans for delivering malware, particularly if they have not been downloaded from an official app store. The danger to work apps and data that are on the same device as a compromised app is a substantial risk to organizations.

Likewise, internally developed mobile apps used by customers, suppliers or employees may still lack basic defenses, leaving them vulnerable to reverse engineering, tampering, and exploitation. With over 50% of devices running outdated or compromised operating systems, even well-protected apps are exposed without proper device attestation.

"The research shows that bad actors targeting mobile devices and apps are constantly evolving their tactics, evading detection, often going unnoticed by enterprises," said Kern Smith, Vice President, Global Solutions Engineering, Zimperium. "To effectively navigate this evolving mobile threat landscape, enterprises need to have real-time threat visibility and comprehensive protection. Adopting a holistic approach that takes into account the entire mobile ecosystem is vital to stay ahead of bad actors looking to exploit enterprises' sensitive data and operations."