With the rapid advancement of technology, IoT has become inseparable from human lives. IoT is extensively used in transport, healthcare, manufacturing, among other sectors. However, this technology lacks sufficient security defense capabilities, thus becoming a highway for malicious actors. IoT networks use infrastructure-based (INF) and device-to-device (D2D) communications to propagate data. The INF communication utilizes technologies such as WLAN, LTE, GPRS, and GSM to relay information from source to destination. The D2D paradigm, on the other hand, is a close-proximity communication in which sensors exchange data in a multi-hop manner. Since malware can utilize both D2D and INF links to spread out, IoT networks are exceptionally vulnerable to attacks. Therefore, we propose Susceptible-Exposed-Infected-Recovered-Dead (SEIRD) model to examine the dynamics of IoT malware spread via INF and D2D communications.We analyze the impacts of mobility on infection propagation and illustrate that our model adequately captures IoT malware spread behaviors through mathematical analysis and simulations. We also compute the malware transmission threshold, which can be used as a guideline to mitigate and suppress an attack.