News
July 29, 2025
2025 marked a turning point in mobile security, particularly in Android security. This is evident not only from the volume of threats detected (already alarming in itself) but also from the way these threats are being orchestrated. According to the latest report by Malwarebytes, Android malware rose by 151% in the first half of the year 2025. A figure that alone suggests escalation, and becomes even more significant when seen in the broader context: spyware increased by 147%, while SMS-based threats (smishing) grew by 692% in just two months.
The data clearly shows we are no longer dealing with opportunistic, random attacks. These are structured campaigns, planned with scale, monetization, and persistence in mind.
The real leap in mobile cybercrime in 2025 lies in the adoption of a model that replicates evolved business dynamics: threats are deployed according to user activity peaks such as tax season or holidays and tailored campaigns are developed using apps that appear useful (financial apps, fake system updates, institutional tools) but conceal malicious behavior.
In particular, apps like SpyLoan offer loans with “too good to be true” conditions and no verification, luring financially vulnerable users into downloading them. Once installed, these apps steal personal and financial data. Attackers exploit psychological levers like urgency and stress, showing how intentional and targeted these threats have become.
Their ability to disguise themselves has also improved. Malicious apps are distributed not only through unofficial stores, but also via the Google Play Store, with a level of legitimacy sufficient to bypass automated controls. Some are even delivered as updates or support tools, reinforcing the illusion of reliability.
To detect such threats, Mobisec provides a service designed to proactively identify anomalies, even in the most difficult environments to monitor.
Beyond individual threats, what makes the situation truly critical is the structural state of the Android security ecosystem. Over 30% of Android devices in circulation still run outdated operating systems—systems that no longer receive security patches but are actively used in both personal and business contexts.
Moreover, in many emerging markets (and not just there) devices are sold with preinstalled malware. These devices are already compromised out of the box, and no factory reset can restore them to a secure state.
Companies that allow employees to use personal devices for work are exposing themselves to an attack surface they don’t fully control and often cannot even monitor.
This is where centralized management through UEM becomes crucial.
Mobisec helps organizations gain full visibility over all authorized devices corporate and personal by detecting outdated OS versions, non-compliant apps, and attempts to tamper with configurations.
One of the most effective malware delivery channels in 2025 is smishing, or SMS-based phishing. What’s new is that the messages are now generated, or at least optimized, using AI tools, making the texts more convincing, coherent, and contextually accurate.
Messages mimic communications from couriers, banks, government agencies, or digital services. The language is polished, the tone credible, and the calls to action are crafted to generate urgency. The result is much higher open rates than in the past, and therefore a higher infection rate.
In addition, attackers are increasingly using PDF phishing techniques. These are seemingly harmless files that act as gateways to device compromise. Traditional protections are no longer enough—what’s needed is an approach based on behavior, context, and risk.
The Bring Your Own Device model offers flexibility, productivity, and cost savings. But it also makes enterprise security more porous. If a personal device becomes infected and is also used to access company resources, the entire business network is exposed.
This isn’t just a question of antivirus or mobile security apps. A structured strategy is needed, one that includes centralized control, access segmentation, policy enforcement, and the ability to isolate suspicious devices.
Mobisec supports organizations looking to redefine their BYOD strategy with practical, flexible tools.
From controlled onboarding to segmented risk management, each element is designed to minimize operational impact and maximize security.
In 2025, Android security is under serious pressure.
Cybercriminals are building scalable, resilient systems based on social engineering and advanced techniques. This is a full-fledged underground economy fueled by data and neglected vulnerabilities.
Mobile security is now the real risk perimeter for any organization that relies on mobile devices, remote access, or digital services.
The time to act is now—with specialized tools, full visibility, and measurable strategies.
Request a cybersecurity consultation to assess your mobile security posture