Google reported a decline in malicious applications targeting its Play Store in 2025, attributing the trend to enhanced AI-driven security measures. The company prevented 1.75 million policy-violating apps from publication, down from 2.36 million in 2024. Additionally, over 80,000 developer accounts attempting to publish malicious apps were banned. Google’s Android app ecosystem safety report highlights the impact of proactive defenses, including over 10,000 safety checks per app and generative AI integration for human reviewers.
The annual report details a sustained reduction in policy-violating apps and banned accounts over the last three years. In 2024, Google blocked 2.36 million apps and banned 158,000 accounts, while 2023 figures stood at 2.28 million apps and 333,000 bans. The company attributes the 2025 decline to “initiatives like developer verification, mandatory pre-review checks, and testing requirements,” which “raised the bar for the Google Play ecosystem, significantly reducing the paths for bad actors to enter.” Google stated its “AI-powered, multi-layer protections” have been “discouraging bad actors from publishing malicious apps.”
Google has integrated generative AI models into its review process to assist human reviewers in identifying complex malicious patterns more rapidly. The company now conducts over 10,000 safety checks on every application both at publication and post-publication. These checks are part of a broader strategy to maintain ecosystem integrity. Google plans to increase AI investments in 2026 to address emerging threats. This expansion aims to further automate detection and maintain the effectiveness of security protocols.
Specific data protections were also implemented to safeguard user privacy. Google prevented 255,000 apps from gaining excessive access to sensitive user data, a significant reduction from 1.3 million in 2024. Furthermore, the company blocked 160 million spam ratings and reviews. This action prevented an average 0.5-star rating drop for apps targeted by review bombing campaigns. These defensive measures target manipulative behaviors intended to mislead users or damage developer reputations.
Google Play Protect, the platform’s defense system, identified 27 million new malicious apps originating outside the Play Store, warning users or blocking execution. This figure represents an increase from 13 million in 2024 and 5 million in 2023. The rising numbers of non-Play Store malicious apps suggest that bad actors are increasingly bypassing the official store entirely to target users directly. This shift indicates that while Play Store entry barriers have risen, external threats to Android devices are growing in volume.
Featured image credit
