Google: AI systems blocked 1.75 million malicious apps in 2025
Google had to remove significantly fewer malicious programs from the Play Store in 2025 – a success of intensified security measures and AI-powered controls.
(Image: JarTee / Shutterstock.com)
Last year, Google intercepted 1.75 million apps before they could appear in the Play Store. The company announced this in a blog post. The figure is significantly lower than in previous years: in 2024, it was still 2.36 million apps, and in 2023, it was 2.28 million. Google attributes the lower number to successful preventive measures.
At the same time, Google blocked more than 80,000 developer accounts that had attempted to publish malicious applications. Here too, a significant decrease is evident: in 2024, Google had blocked 158,000 accounts, and in 2023, as many as 333,000.
AI supports human reviewers
Google attributes the decrease in blocked apps to proactive protection measures. Developers now have to undergo verification before they can submit apps. Furthermore, according to Google, it performs more than 10,000 security checks per app – both before and after publication.
Videos by heise
Generative AI models play a central role in the review process. They help human reviewers to identify complex malware patterns more quickly. The multi-layered, AI-powered protection mechanisms have a deterrent effect on attackers, Google emphasizes. Those who want to submit malicious apps now have to overcome significantly higher hurdles.
27 million external malicious apps detected
While the number of blocked Play Store apps is decreasing, the threat from sideloading is increasing: in 2025, Google Play Protect detected more than 27 million malicious apps outside the official store and warned users or blocked their installation. In 2024, it was still 13 million, and in 2023, only 5 million. The protection service scans more than 350 billion Android apps on devices worldwide every day.
The sharp increase in external malware aligns with Google's plans to make sideloading of unverified apps more complex starting in fall 2026. The danger of malware in the Play Store was demonstrated, for example, by the case of the Anatsa malware: in August 2025, 77 apps with 19 million installations were discovered that contained banking Trojans.
Protection against data access and spam reviews
In 2025, Google also prevented more than 255,000 apps from gaining excessive access to sensitive user data. The previous year, it was still 1.3 million apps – the decrease suggests that developers are increasingly adhering to privacy policies.
Google also took action against manipulated reviews: 160 million spam ratings and reviews were blocked. Review bombing, where apps are damaged by coordinated negative reviews, leads to an average decrease of 0.5 stars. Such attacks can destroy user trust and hinder developer growth, Google warns.
To support developers in complying with policies, Google has introduced new tools. Play Policy Insights is now integrated into Android Studio and helps programmers design their apps to be more privacy-friendly. The Data Safety Section transparently shows which permissions an app requires. For 2026, Google plans further investments in AI-powered defense mechanisms and aims to expand developer verification on Android.
(mki)
