Google Blocks 2.36 Million Risky Android Apps from Play Store in 2024

Google blocked 2.36 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. In addition, 158,000 developer accounts were banned for attempting to publish harmful apps like malware and spyware on Android’s official app store. In comparison, Google blocked 2,280,000 risky apps in 2023 and 1,500,000 apps in 2022, while the figures for blocked Play developer accounts were 333,000 and 173,000, respectively. The increasing trend highlights the persistent threat posed by malicious actors and the need for continuous improvements in security measures.

AI-Powered App Review Process

The larger number of blocked apps in 2024 is partly attributed to AI assisting human reviews, which was used in 92% of the violating cases. Artificial intelligence has played a crucial role in enhancing the efficiency and accuracy of the app review process, identifying potentially harmful software before it reaches users.

Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play,” explained Google. “That’s enabled us to stop more bad apps than ever from reaching users through the Play Store, protecting users from harmful or malicious apps before they can cause any damage.

This AI-driven approach ensures that malicious apps are identified more efficiently, significantly reducing the number of security incidents caused by rogue applications. Despite these advancements, cybercriminals continue to evolve their tactics to bypass security measures, making vigilance and continuous updates essential.

Enhanced Permissions Control

Apart from rejections and blocks, Google reports that it has also prevented 1.3 million apps from getting excessive permissions that would have granted them unnecessary access to sensitive user data. This represents a significant step toward enhancing user privacy and security, preventing data leaks and unauthorized access by malicious applications.

Developers are now required to justify their requests for sensitive permissions, and Google Play’s security policies have been strengthened to ensure compliance. Apps requesting excessive permissions without clear functionality purposes are flagged and reviewed more rigorously.

Google Play Protect: Strengthening Android Security

Google Play Protect, Android’s built-in security system, received significant upgrades in 2024 to enhance real-time protection against malicious apps, scams, and fraud, even for apps installed outside the Play Store. The tech giant says Android’s default protection suite scanned over 200 billion apps daily, performing live code-level analysis. During 2024, these scans identified over 13 million new malware apps sourced from outside Google Play. This improvement underscores Google’s commitment to securing the Android ecosystem beyond just the Play Store. Many Android users sideload apps from third-party sources, which often lack the rigorous vetting process applied to Play Store apps. Google Play Protect’s enhancements aim to safeguard users from threats originating from external sources as well.

Developer Tools and SDK Security

App developers were also given new tools to better secure their apps from malicious SDKs and abuse, with the Google Play SDK index expanding greatly last year to add another 80 trusted SDKs. This initiative provides developers with a verified and secure foundation for building applications, reducing the risk of supply chain attacks where malicious code is injected through third-party SDKs.

Moreover, increased adoption of the Play Integrity API saw an 80% reduction in abuse from untrusted sources. In comparison, 91% of app installs now use security and privacy protection features available in Android 13 and later. This widespread adoption reflects a growing awareness among developers and users regarding the importance of security in mobile applications.

Blocking Untrusted APK Installations

Google’s untrusted APK installation blocking system, first launched as a pilot in Singapore in February 2024, has now been expanded to Brazil, Hong Kong, India, Kenya, Nigeria, the Philippines, South Africa, Thailand, and Vietnam. This system prevents users from installing APK files from unverified sources, reducing the risk of malware infections.

Its 2024 success is reflected in stopping 36 million installation attempts of 200,000 unique apps from nesting in 10 million Android devices. This development highlights the increasing prevalence of malware distribution through unofficial channels and the effectiveness of proactive security measures.

The Ongoing Battle Against Cyber Threats

As Google strengthens Android protections yearly, gaps in security remain, and cybercriminals employ new, more advanced methods to bypass automated scanners. These evolving threats include obfuscation techniques, delayed payload deployment, and social engineering tactics that trick users into granting permissions or installing harmful applications.

Users must remain vigilant, only trust reputable publishers, keep the number of installed apps at the minimum necessary, scrutinize and revoke risky app permissions, and ensure Play Protect is running at all times. While Google’s advancements have significantly improved Android security, user awareness and caution remain critical components in preventing cyber threats.

Looking Ahead: The Future of Android Security

The continued integration of artificial intelligence, machine learning, and user education is expected to further strengthen the security of the Android ecosystem. Google is likely to enhance its detection mechanisms, improve developer guidelines, and collaborate with cybersecurity researchers to stay ahead of emerging threats.

Additionally, Google may expand its untrusted APK blocking feature to more regions, increasing global protection against unauthorized app installations. Further improvements in Play Protect and API security measures will ensure that both developers and users benefit from a safer mobile experience.

The increasing number of blocked apps over the years shows that Google’s proactive approach is necessary to combat rising cyber threats. While the Android ecosystem remains an attractive target for cybercriminals due to its open nature, the tech giant’s efforts in implementing strict policies and security measures demonstrate its commitment to user safety.

Conclusion

Google’s stringent measures in 2024 resulted in the blocking of 2.36 million risky apps and the banning of 158,000 developer accounts, showcasing the importance of continuous security improvements. The use of AI-assisted reviews, strengthened Play Protect security, enhanced permissions control, and the blocking of untrusted APK installations have all contributed to a safer Android ecosystem.

However, the fight against cyber threats is ongoing, and users play a crucial role in ensuring their own security. By being cautious, verifying app sources, and using Android’s built-in security features, users can further protect themselves from potential threats. As the landscape of mobile security continues to evolve, Google’s commitment to protecting users remains essential in maintaining trust in the Android ecosystem.