Google Blocks 2.28 Million Malicious Apps from Play Store in Security Crackdown

In a continued commitment to enhancing user safety and trust, Google has outlined significant strides made in 2023 to mitigate malicious activities across the Android ecosystem.

Guided by the SAFE principles Safeguard Users, Advocate for Developer Protection, Foster Responsible Innovation, and Evolve Platform Defenses, the company has implemented new strategies, reinforced policies, and adopted advanced technologies to stay ahead of emerging security threats.

One of the most notable achievements was preventing the publication of 2.28 million policy-violating apps on Google Play, achieved through enhanced developer review processes and advanced machine learning-driven app evaluations.

Google also banned 333,000 malicious developer accounts, attributed to confirmed malware and serial policy violations.

Furthermore, nearly 200,000 app submissions were either rejected or modified to ensure stricter compliance with sensitive permission policies, such as background location access and SMS usage.

To fortify user privacy at scale, Google collaborated with Software Development Kit (SDK) providers, limiting sensitive data sharing for over 31 SDKs affecting more than 790,000 apps.

The Google Play SDK Index was also expanded to encompass nearly 6 million apps, enabling developers to make informed SDK choices and reduce integration risks.

Developer Accountability

Google took a significant step by restructuring the App Defense Alliance (ADA) in partnership with Microsoft and Meta under the Joint Development Foundation.

This initiative aims to drive industry-wide adherence to app security best practices.

Meanwhile, transparency efforts were bolstered with new Play Store labeling for VPN apps that undergo independent security reviews under the Mobile App Security Assessment (MASA) framework, helping users identify apps prioritizing privacy and security.

To counter threats beyond the Play Store, Google Play Protect further enhanced its real-time code-level scanning capabilities.

Powered by machine learning algorithms analyzing extensive behavioral signals, these measures identified over 5 million new malicious apps distributed outside the Play Store.

Google also introduced more stringent developer requirements to improve app quality and accountability.

New guidelines now mandate testing for new developers before apps are made publicly available.

Developers are also required to provide enhanced identity verification, such as D-U-N-S numbers for organizations, and detailed profiles in the “About the Developer” section.

Additionally, apps enabling account creation must now feature easy-to-access account and data deletion options within the app and online, ensuring users’ control over their personal information.

In 2024, Google plans to escalate efforts against non-compliance by removing apps that fail to disclose transparent privacy practices.

The company has also filed a federal lawsuit against individuals responsible for fraudulent crypto exchange apps on Play, signaling its intent to hold malicious actors accountable.

With a robust roadmap for improving Android security, privacy, and user control, Google remains steadfast in its mission to provide a safer, more reliable platform for developers and users worldwide.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free