Google spent 2025 playing an increasingly aggressive game of whack-a-mole with bad actors on Android, and the numbers it published are worth paying attention to.
According to its latest Android ecosystem safety report, the company prevented 1.75 million policy-violating apps from ever reaching Google Play and banned over 80,000 developer accounts that tried to publish harmful software.
Beyond the store itself, Google Play Protect (the malware scanner built into Android) now runs over 350 billion app scans every single day and flagged 27 million malicious apps coming from outside the Play Store.
The core problem Google is trying to solve isn’t new, but it’s getting harder. Fraudsters are using AI to craft more convincing scams and more sophisticated malware, which means Google had to respond by pushing AI deeper into its own review pipeline.
Its human review teams now use generative AI models to spot complex malicious patterns faster than manual inspection would allow.
One of the more interesting moves Google made was expanding what it calls “enhanced fraud protection.” When a user tries to install an app from a browser or messaging app rather than the Play Store, and that app asks for sensitive permissions, Google Play Protect steps in and blocks the installation automatically.
This started as a pilot in Singapore, but Google rolled it out to 185 countries last year, covering 2.8 billion devices. In 2025 alone it blocked 266 million risky installation attempts.
READ: Google Removes 180 Apps from Play Store Over Massive Ad Fraud Scheme
Google also addressed a specific social engineering trick of convincing someone on a phone call to disable their device’s built-in protections before downloading something malicious.
The fix is blunt but effective, as Android now simply won’t let users turn off Google Play Protect while they’re on a call.
On the privacy side, Google says it stopped over 255,000 apps from accessing more user data than they actually needed. It also blocked 160 million fake or manipulated ratings and reviews and claims it prevented apps targeted by coordinated review bombing from losing an average of half a star in their ratings.
For developers, Google introduced a tool called Play Policy Insights inside Android Studio that flags potential policy violations as code is being written, before the app is even submitted.
The idea is to catch problems during development rather than at the rejection stage. The company’s Play Integrity API, which apps use to verify they’re running on legitimate, unmodified devices, now handles over 20 billion checks per day, and Google added hardware-backed signals this year to make device spoofing harder.
There’s also a new developer verification system coming. Google is planning to require real, verifiable identities behind developer accounts across the broader Android ecosystem, not just the Play Store.
The logic is anonymous accounts make it easy for bad actors to get banned and immediately come back under a new name. Requiring accountability raises the cost of doing that.
The one group getting a carve-out is students and hobbyists, who will be able to distribute apps to a small number of devices without going through the full verification process.
READ: CRICFy Taken Down as Google Starts Killing Pirated Streaming Apps on Android
None of this eliminates the problem, though. Google is explicit that threats are evolving constantly. But the scale of what it’s now scanning and blocking each day suggests the gap between attack and defense is, at minimum, not widening.
