Google Play Blocks 1.75M Malicious Apps, But Hackers Are Going Elsewhere

The 1.75 Million Apps That Never Made It

Google blocked 1.75 million policy-violating apps from reaching Google Play in 2025—a 26% drop from 2024's 2.36 million. But before you celebrate this apparent victory against cybercrime, consider this: malicious apps discovered outside the Play Store more than doubled.

Google's Play Protect system identified 27 million new malicious apps beyond its official storefront, up from 13 million in 2024 and just 5 million in 2023. The message is clear: as Google's walls get higher, bad actors are simply walking around them.

This isn't just about numbers—it's about a fundamental shift in how cybercriminals operate. They're not giving up; they're adapting.

AI vs. Human Ingenuity: The New Arms Race

Google now runs over 10,000 safety checks on every app, powered by what the company calls "AI-powered, multi-layer protections." The tech giant has integrated its latest generative AI models into the app review process, helping human reviewers spot complex malicious patterns faster than ever before.

The results speak volumes: banned developer accounts dropped to 80,000 in 2025, down from 158,000 in 2024 and 333,000 in 2023. Google's blog post suggests these AI systems aren't just catching bad actors—they're discouraging them from trying in the first place.

"Initiatives like developer verification, mandatory pre-review checks, and testing requirements have raised the bar for the Google Play ecosystem," Google explained. Translation: the cost of attempting malicious activity has gone up significantly.

The Privacy Paradox: Better Protection, New Concerns

Google prevented 255,000 apps from gaining excessive access to sensitive user data in 2025—a dramatic improvement from 1.3 million in 2024. The company also blocked 160 million spam ratings and reviews, protecting apps from coordinated review bombing attacks.

But here's where it gets interesting for everyday users: as Google's security tightens, the definition of "excessive access" becomes increasingly important. What constitutes legitimate data collection versus privacy invasion? Google's AI is making these judgment calls at scale, essentially becoming the arbiter of acceptable app behavior.

For developers, this creates a new challenge: building apps that satisfy both user needs and Google's increasingly sophisticated AI gatekeepers. The line between useful functionality and suspicious behavior is being redrawn by algorithms.

The Unintended Consequences

Google's success in securing the Play Store may be creating a more dangerous landscape elsewhere. As cybercriminals migrate to alternative distribution methods—sideloading, third-party app stores, social engineering—users face threats that bypass Google's protective systems entirely.

This shift puts greater responsibility on individual users to recognize and avoid threats. While Google can protect its own ecosystem, it can't control what users download from other sources. The company plans to increase AI investments in 2026, but will this technological arms race ever truly end?