Google has reported a significant reduction in malicious apps attempting to enter the official Play Store, thanks to its AI systems and stricter policies, even as threats shift toward distribution outside the marketplace.
In its latest Android app ecosystem safety report, Google said it prevented 1.75 million policy-violating apps from reaching the Play Store in 2025, marking a decline from 2.36 million in 2024 and 2.28 million in 2023. The company also banned over 80,000 developer accounts attempting to publish malicious apps in 2025, down from 158,000 in 2024 and 333,000 in 2023.
Google attributes the decrease to enhanced security measures, including developer verification, mandatory pre-review checks, and testing requirements. The company states these initiatives have raised the barrier for bad actors and discouraged malicious submissions. Every app now undergoes more than 10,000 safety checks at publication and is rechecked afterward. Google has integrated generative AI models into the review process to assist human reviewers in identifying complex malicious patterns more quickly. The company plans to increase AI investment in 2026 to address emerging threats.
Specific security metrics from 2025 include the prevention of 255,000 apps from gaining excessive access to sensitive user data, a significant drop from 1.3 million in 2024. Google also blocked 160 million spam ratings and reviews, which the company claims prevented an average 0.5-star rating drop for apps targeted by review bombing.
While in-store threats declined, Google Play Protect detected a rising number of malicious apps distributed outside the Play Store. The system identified 27 million new malicious apps in 2025, up from 13 million in 2024 and 5 million in 2023. This trend suggests that malicious actors are increasingly bypassing the official store entirely to target users directly.
