Google Play Blocked 1.75 Million Harmful Apps in 2025: The Full Security Breakdown

Key Takeaways

• Google blocked 1.75 million policy-violating apps in 2025, down from 2.36 million in 2024 as AI-driven deterrence took hold
• Play Protect now scans over 350 billion Android apps daily, up from 200 billion daily scans in 2024
• Real-time scanning caught more than 27 million new malicious sideloaded apps in 2025, up from 13 million in 2024
• 80,000 bad developer accounts were banned in 2025, compared to 158,000 in 2024

Google Play stopped more harmful apps in 2025 than most users ever realized were attempted. Using AI integrated directly into its review pipeline, Google’s systems caught threats faster, forced bad actors out earlier, and expanded Android-level defenses to billions of devices worldwide. This report breaks down exactly what changed, what the numbers mean for everyday users in the US and India, and what Google has committed to doing next.

What the 2025 Numbers Actually Reveal

The headline figure is 1.75 million blocked apps, but the more meaningful story is the year-over-year trend. Google blocked 2.36 million policy-violating apps in 2024 and banned 158,000 developer accounts that same year. In 2025, both figures dropped significantly: 1.75 million apps blocked and 80,000 accounts banned.

Google attributes this decline not to weaker enforcement, but to stronger deterrence. Initiatives including mandatory developer verification, pre-review checks, and testing requirements have raised the entry bar so substantially that fewer bad actors are even attempting to publish harmful apps. The ecosystem is becoming harder to exploit at the front door.

The data access picture also improved sharply. In 2024, Google prevented 1.3 million apps from gaining excessive or unnecessary access to sensitive user data. Google has continued tightening these data access policies in 2025, with ongoing requirements for developer transparency on data handling and deletion.

Also Read Sarvam AI Indus: The 105B Sovereign Chat App India Built From Scratch

How AI Now Powers Every Stage of App Review

Google Play runs over 10,000 safety checks on every app submitted to the store, and those checks continue after publication. In 2025, Google deepened its AI investments specifically to counter bad actors who are themselves using AI to generate more sophisticated and harder-to-detect malicious code.

This AI-versus-AI dynamic is the defining security challenge of 2025 and 2026. Static signature-based detection is no longer sufficient when malware can mutate its own code patterns. Google Play Protect addressed this in 2024 by introducing real-time code-level scanning on novel apps to combat polymorphic malware, and that capability continued to scale through 2025.

Developer tools also improved on the legitimate side. In 2025, Google focused on reducing friction for honest developers by embedding compliance checks earlier in the development process, so policy violations are flagged before submission rather than after. The goal is a self-correcting pipeline where compliant-by-design apps become the default.

Google Play Protect: The Numbers Behind 350 Billion Daily Scans

Google Play Protect is Android’s built-in defense layer, and its scale grew substantially between 2024 and 2025. Daily app scans increased from over 200 billion in 2024 to over 350 billion in 2025, covering both Play Store installs and sideloaded apps from third-party sources.

Its real-time scanning identified more than 27 million new malicious apps from outside Google Play in 2025, a sharp increase from 13 million in 2024. That steep rise does not mean Play Protect got worse at its job. It means more users are sideloading apps, and bad actors are increasingly routing around the Play Store entirely to reach them.

Play Protect scans every app on Android devices with Google Play Services regardless of download source, and it is enabled by default. Google’s consistent public recommendation is that users keep Play Protect on at all times and never disable it when prompted by an outside caller or message.

Enhanced Fraud Protection: From Pilot to Global Scale

Enhanced fraud protection is one of the most significant expansions Google made to Play Protect over the 2024 to 2025 period. The feature automatically analyzes and blocks installation attempts for apps that use sensitive permissions frequently abused for financial fraud, specifically targeting apps sideloaded from internet sources such as browsers, messaging apps, and file managers.

In 2024, enhanced fraud protection pilots shielded 10 million devices from over 36 million risky installation attempts, covering more than 200,000 unique apps. The program began with a pilot in Singapore in partnership with the Cyber Security Agency of Singapore and subsequently expanded to nine regions including Brazil, Hong Kong, India, Kenya, Nigeria, the Philippines, South Africa, Thailand, and Vietnam.

For Android users in India specifically, this expansion is directly relevant. India was among the nine markets included in the 2024 pilot expansion, placing Indian users inside an active layer of sideloading protection that many users may not know is running in the background.

In-Call Scam Protection and What It Stops

Fraudsters frequently call users while impersonating banks or technical support agents and instruct victims to sideload apps or disable security settings mid-call. Google’s in-call scam protections address this attack pattern directly.

Google expanded these in-call scam protections as part of its broader 2025 Android security improvements. The protections are designed to block high-risk actions, including sideloading from unverified sources, when a call with an unknown number is active. This directly counters the social engineering tactic of using a live call to manipulate a user into bypassing their own device security.

Developer Verification: Raising the Entry Bar

Developer accountability was a central theme of Google’s 2025 strategy. Mandatory developer verification, pre-review checks, and testing requirements now serve as structural gatekeepers before any app reaches the store. These are not optional guidelines; they are enforced checkpoints in the submission pipeline.

The Play Integrity API gives developers a parallel tool to protect their own apps after publication. It allows developers to check whether their app has been tampered with or is running in a compromised environment, defending against fraud, bots, cheating, and data theft. In 2024, apps using Play Integrity features saw 80% lower usage from unverified and untrusted sources on average.

Google’s 2026 roadmap includes rolling out Android developer verifications to prevent banned developers from hiding behind anonymity and re-entering the ecosystem under new accounts. This closes one of the most persistent gaps in the existing enforcement model.

What This Means for Android Users in the US and India

For Android users, these protections operate entirely in the background, but the choices users make determine how much of that protection actually applies to them. Keeping Google Play Protect enabled is the single most important step, as users who disable it remove the primary layer of real-time defense against both store-sourced and sideloaded threats.

Sideloading apps from browsers, messaging apps, or file managers carries significantly higher risk than installing from Google Play. With 27 million malicious sideloaded apps identified in 2025 alone, the sideloading channel is now the dominant attack surface for Android malware. Play Protect covers sideloaded apps too, but the risk profile is materially higher, and enhanced fraud protection specifically targets this vector.

Users in India benefit from both the enhanced fraud protection pilot expansion confirmed in 2024 and Google’s continued investment in the region as a priority market. Staying on a recent Android version ensures access to the latest Play Protect capabilities, as Google’s 2024 data shows over 91% of Play Store installs already run on Android 13 or newer.

Limitations and Honest Considerations

No automated system is fully proof against sophisticated evasion. Google’s own annual report acknowledges that bad actors are actively using AI to evolve their attack methods, matching pace with Google’s AI-driven defenses. The 2025 figures show deterrence is working, but the threat environment is not static.

Enhanced fraud protection, while expanding, was still in active pilot phases through 2024 in a defined set of markets. Users on older Android versions or devices without Google Play Services operate outside this protection layer and face a meaningfully different risk environment.

What Google Has Committed to in 2026

Google’s stated 2026 priorities center on three areas. First, rolling out Android developer verifications broadly to prevent anonymized re-entry by banned actors. Second, continuing AI-driven defense investment to stay ahead of AI-assisted threats. Third, embedding compliance checks directly into developer tools so that policy adherence is built into the app creation process before submission, not enforced after the fact.

Also Read Samsung’s New Bixby in One UI 8.5 Finally Understands How You Actually Talk

Frequently Asked Questions (FAQs)