1.75 Million Apps Blocked: Google’s AI-Driven War on Android Malware in 2025

In a newly released blog post, Vijaya Kaza, VP and GM of App & Ecosystem Trust at Google, detailed the company’s aggressive push to secure the Android landscape, revealing staggering numbers from the past year’s security operations.

The scale of the threat targeting the Android ecosystem is massive, but so is the response. According to Kaza, Google’s enhanced, multi-layered user protections have yielded significant results.

“In 2025, we prevented over 1.75 million policy-violating apps from being published on Google Play and banned more than 80,000 bad developer accounts that attempted to publish harmful apps,” Kaza states in the report.

These figures underscore a pivotal shift toward a more accountable ecosystem. By enforcing mandatory pre-review checks and rigorous testing requirements, Google is successfully “discouraging bad actors from publishing malicious apps” while making it easier for honest developers to navigate compliance.

The modern cybercriminal is no longer relying solely on manual coding and basic social engineering. They are weaponizing artificial intelligence to scale their operations and evade detection.

“As bad actors leverage AI to change their tactics and launch increasingly sophisticated attacks, we’ve deepened our investments in AI and real-time defenses over the last year to maintain the upper hand and stop these threats before they reach users,” the report explains.

This continuous investment in AI-driven defenses is essential to keep the platform free of real-world harms, which Kaza identifies as “malware, financial fraud, hidden subscriptions, and privacy invasions”.

A major pillar of Google’s strategy is stripping away the anonymity that allows cybercriminals to thrive. The company has announced that developer verification, previously in early access, will open to all developers this year.

“Verification helps legitimize authentic developers and prevents bad actors from hiding behind anonymity to repeatedly cause harm,” Kaza notes. Recognizing the diverse nature of the Android developer community, Google has also introduced a dedicated account type for students and hobbyists, allowing them to distribute apps to limited devices without facing the full brunt of commercial verification requirements.

The security enhancements aren’t limited to the Play Store; they extend directly into the Android operating system itself. Kaza highlighted a critical new defense mechanism rolling out with Android 16 designed to combat “tapjacking”—a deceptive tactic where malicious apps use invisible layers to steal user clicks for ad fraud or credential theft.

“In Android 16, developers can protect users’ most private information, like bank logins, with just one line of code,” the report reveals, adding that this feature is being automatically integrated into certain apps for an “instant security boost”.

As the year progresses, Google’s top priority remains clear: making Google Play and Android the most trusted app ecosystems globally by holding bad actors accountable and empowering developers to build security directly into their designs.

Related Posts:

• Google Chrome Tests AI-Driven Auto Password Change for Breached Accounts
• Exploring the AI-Powered Windows Search Copilot+ PCs Feature
• Google Play Protect: Safeguarding Billions of Users in 2024