Zimperium report highlights mobile as key attack vector

Zimperium has announced the release of its 2025 Global Mobile Threat Report, which highlights critical mobile threat trends from the past year.

zLabs researchers analysed threat data to uncover evolving and complex attacks and vulnerabilities found across both mobile devices and mobile apps. 

“Cyber-criminals have taken notice”

Shridhar Mittal, Chief Executive Officer, Zimperium commented: “As organisations globally have embraced mobile to improve both productivity and customer engagement, cyber-criminals have taken notice and have transitioned to a mobile-first attack strategy.

“In today’s hybrid work environment, where 70% of organisations support BYOD and actively build mobile apps for both employees and customers, reducing the mobile attack surface requires a comprehensive mobile security strategy covering both mobile devices and mobile applications,” Mittal concluded.

Mishing

While most organisations and security teams are well aware of the dangers posed by traditional phishing, threat actors have begun to look at mobile-targeted phishing (Mishing) as an even more vulnerable attack vector.

Threat actors are able to carry this out due to the unique features of mobile devices and a lower state of vigilance from both users and organisations.

The zLabs researchers found a continued surge in mishing attacks with SMS/text based phishing (Smishing) now 69.3% of all mishing attacks. 

PDF phishing has also emerged as a new attack method.

The company highlights that the report reveals that vishing (voice-call phishing) and smishing attacks on mobile devices have risen dramatically (28% and 22%, respectively).

Mobile malware

The report finds that malware continues to be the weapon of choice of cyber-criminals and advanced persistent threats.

zLabs observed a 50% increase year-over-year in use of Trojans in attacks with new banker trojan families discovered including:

• Vultur
• DroidBot
• Errorfather
• BlankBot

In previous research, Spyware was categorised as top category in 2024 which is not surprising given the ability to exfiltrate data, including credentials and even one-time-passwords from victims without their knowledge.

Mobile app compromise

The apps downloaded by unsuspecting users can lead to serious consequences if they are not properly assessed for threats, including leakage of sensitive data, as well as trojans for delivering malware, particularly if they have not been downloaded from an official app store.

The danger to work apps and data that are on the same device as a compromised app is a substantial risk to organisations.

Likewise, internally developed mobile apps used by customers, suppliers or employees may still lack basic defenses, leaving them vulnerable to reverse engineering, tampering and exploitation.

With over 50% of devices running outdated or compromised operating systems, even well-protected apps are exposed without proper device attestation.

“Constantly evolving their tactics”

Kern Smith, Vice President, Global Solutions Engineering, Zimperium commented: “The research shows that bad actors targeting mobile devices and apps are constantly evolving their tactics, evading detection, often going unnoticed by enterprises.

“To effectively navigate this evolving mobile threat landscape, enterprises need to have real-time threat visibility and comprehensive protection.”

Smith concluded: “Adopting a holistic approach that takes into account the entire mobile ecosystem is vital to stay ahead of bad actors looking to exploit enterprises’ sensitive data and operations.” 

Methodology

To develop the findings in this year’s report, Zimperium analysed anonymised data from mobile devices protected by its Mobile Threat Defense solution and applications scanned by its app analysis engine.

The insights are based on threat and risk telemetry collected over the past year across a global population of iOS and Android devices.

The full report

To access the full 2025 Global Mobile Threat Report, which includes in-depth analysis of mobile app vulnerabilities, device risks and supply chain threats, click here.