Google Blocked 1.75 Million Malicious Apps in 2025, Annual Security Report Reveals
Google Blocked 1.75 Million Malicious Apps in 2025, Annual Security Report Reveals
- 60% of MD5 Password Hashes Can Be Cracked in Under an Hour with a Single GPU
- Dirty Frag: Root Access on Every Major Linux Distribution — No Patch, No Warning
- Ubuntu 26.04 LTS (Resolute Raccoon): The Most Ambitious Ubuntu LTS in a Decade
- Proton Mail: Data Transferred to FBI Again!
- How Close Are Quantum Computers to Breaking RSA-2048?
- How to Prevent Ransomware Infection Risks?
- What is the best alternative to Microsoft Office?
Google Blocked 1.75 Million Malicious Apps in 2025, Annual Security Report Reveals
February 20, 2026 | Technology & Cybersecurity
Google has released its annual Android and Google Play security summary, detailing how the company protected billions of users from malicious apps, financial fraud, and privacy abuses throughout 2025.
Published on February 19, 2026, the report paints a comprehensive picture of an increasingly AI-powered defense strategy — and an evolving threat landscape that continues to push bad actors outside the bounds of the official app store.
1.75 Million Apps Blocked Before Reaching Users
At the heart of the report is a striking figure: Google prevented over 1.75 million policy-violating apps from being published on Google Play in 2025, while banning more than 80,000 fraudulent developer accounts that attempted to push harmful apps onto the platform. The numbers reflect a meaningful shift from previous years — in 2024, Google blocked 2.36 million apps and banned 158,000 accounts, while 2023 saw 2.28 million apps blocked and 333,000 account bans.
Google attributes the decline in blocked apps not to fewer threats, but to stronger deterrents. Initiatives such as mandatory developer verification, pre-release checks, and stricter testing requirements have, in Google’s words, “raised the bar for the Google Play ecosystem, significantly reducing the paths for bad actors to enter.” In effect, more malicious actors are being stopped before they even try.
Every app submitted to Google Play undergoes more than 10,000 automated safety checks, both before and after publication. In 2025, Google also integrated its latest generative AI models into the human review pipeline, enabling reviewers to detect complex and evolving malicious patterns more quickly and accurately than before.
Privacy protection was also a standout focus: over 255,000 apps were blocked from obtaining excessive access to sensitive user data — such as location, contacts, and photos — down significantly from 1.3 million in 2024, a sign that developers are increasingly building with privacy in mind from the start.
Play Protect: 350 Billion Scans a Day
Google Play Protect, Android’s built-in security suite, has grown into one of the most expansive real-time threat detection systems in the world. It now scans over 350 billion Android apps every single day — covering not just apps downloaded from the Play Store, but also apps sideloaded from third-party sources such as web browsers and messaging platforms.
In 2025, Play Protect’s real-time scanning identified more than 27 million new malicious apps sourced from outside Google Play, warning users or blocking the apps outright. This figure is sharply up from 13 million in 2024 and just 5 million in 2023, a trend that signals a growing shift in attacker strategy: as the Play Store becomes harder to infiltrate, bad actors are increasingly targeting users through unofficial channels.
Fraud Protection Expanded Globally
Google’s enhanced fraud protection feature, which automatically analyzes and blocks the installation of apps that abuse sensitive permissions, has expanded dramatically. After a successful initial pilot in Singapore, the feature has been rolled out to 185 markets, now covering over 2.8 billion Android devices worldwide.
The results speak for themselves. In 2025, the feature blocked 266 million risky installation attempts and protected users from 872,000 unique high-risk applications — particularly those sideloaded through browsers or messaging apps that request sensitive permissions upon installation.
New Protection Against In-Call Social Engineering
One of the more novel additions in 2025 was a safeguard specifically designed to counter phone-based social engineering attacks. Scammers frequently impersonate tech support agents or trusted contacts, persuading victims to disable their phone’s built-in security features during a live call before installing malicious software.
To combat this, Google introduced a feature that proactively prevents users from disabling Google Play Protect while a phone call is in progress — cutting off a key tactic that scammers have relied upon.
Fighting Fake Reviews: 160 Million Spam Ratings Blocked
Beyond protecting against malware, Google also tackled manipulation of the Play Store itself.
Automated anti-spam systems blocked 160 million fake ratings and reviews in 2025, including coordinated “review-bombing” campaigns designed to artificially lower the scores of legitimate apps.
Google says these efforts prevented an average rating drop of 0.5 stars for targeted apps, protecting both user trust and developer reputation.
Play Integrity API and Android 16 Protections
On the developer side, the Play Integrity API — which helps apps and games verify that they are running on genuine, unmodified Android devices — now processes over 20 billion integrity checks per day. In 2025, Google added hardware-backed signals to make device spoofing significantly harder, and introduced in-app prompts that allow users to resolve common issues without leaving the app.
A new device recall feature, currently in beta, enables developers to identify repeat bad actors even after a factory reset, while preserving user privacy.
Android 16, released mid-year, brought built-in protections against “tapjacking” attacks — where malicious overlays hijack a user’s taps to generate fraudulent ad revenue or approve unauthorized actions — requiring minimal code changes from developers to implement.
Developer Verification to Expand in 2026
Looking ahead, Google confirmed it will extend developer identity verification beyond the Play Store to the broader Android ecosystem, ensuring that every app is traceable to a real, accountable identity. A lighter account tier will be introduced for students and hobbyists who want to distribute apps at a limited scale without full verification requirements.
“Our top priority remains making Google Play and Android the most trusted app ecosystems for everyone,” Google stated in the report. “This year, we’ll continue to invest in AI-driven defenses to stay ahead of emerging threats and equip Android developers with the tools they need to build apps safely.”
Sources: Google Security Blog, Google Play Blog (February 19, 2026)
