Cyber Security News

Google Blocks 2.28 Million Malicious Apps from Play Store in Security Crackdown

In a continued commitment to enhancing user safety and trust, Google has outlined significant strides made in 2023 to mitigate malicious activities across the Android ecosystem.

Guided by the SAFE principles Safeguard Users, Advocate for Developer Protection, Foster Responsible Innovation, and Evolve Platform Defenses, the company has implemented new strategies, reinforced policies, and adopted advanced technologies to stay ahead of emerging security threats.

One of the most notable achievements was preventing the publication of 2.28 million policy-violating apps on Google Play, achieved through enhanced developer review processes and advanced machine learning-driven app evaluations.

Google also banned 333,000 malicious developer accounts, attributed to confirmed malware and serial policy violations.

Furthermore, nearly 200,000 app submissions were either rejected or modified to ensure stricter compliance with sensitive permission policies, such as background location access and SMS usage.

To fortify user privacy at scale, Google collaborated with Software Development Kit (SDK) providers, limiting sensitive data sharing for over 31 SDKs affecting more than 790,000 apps.

The Google Play SDK Index was also expanded to encompass nearly 6 million apps, enabling developers to make informed SDK choices and reduce integration risks.

Developer Accountability

Google took a significant step by restructuring the App Defense Alliance (ADA) in partnership with Microsoft and Meta under the Joint Development Foundation.

This initiative aims to drive industry-wide adherence to app security best practices.

Meanwhile, transparency efforts were bolstered with new Play Store labeling for VPN apps that undergo independent security reviews under the Mobile App Security Assessment (MASA) framework, helping users identify apps prioritizing privacy and security.

To counter threats beyond the Play Store, Google Play Protect further enhanced its real-time code-level scanning capabilities.

Powered by machine learning algorithms analyzing extensive behavioral signals, these measures identified over 5 million new malicious apps distributed outside the Play Store.

Google also introduced more stringent developer requirements to improve app quality and accountability.

New guidelines now mandate testing for new developers before apps are made publicly available.

Developers are also required to provide enhanced identity verification, such as D-U-N-S numbers for organizations, and detailed profiles in the “About the Developer” section.

Additionally, apps enabling account creation must now feature easy-to-access account and data deletion options within the app and online, ensuring users’ control over their personal information.

In 2024, Google plans to escalate efforts against non-compliance by removing apps that fail to disclose transparent privacy practices.

The company has also filed a federal lawsuit against individuals responsible for fraudulent crypto exchange apps on Play, signaling its intent to hold malicious actors accountable.

With a robust roadmap for improving Android security, privacy, and user control, Google remains steadfast in its mission to provide a safer, more reliable platform for developers and users worldwide.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…

2 days ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution…

2 days ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…

2 days ago

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…

2 days ago

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

2 days ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

3 days ago