Google has put concrete figures to the cleanup effort in its official Android storeAccording to its 2025 security report, the company blocked the publication of 1,75 million applications that violated Google Play rules, thus preventing a large volume of potentially dangerous software from reaching users' mobile phones.
The report, which details the state of the Android app ecosystem securityIt also underlines the role of artificial intelligence for detect fraud, malware and privacy abuses increasingly sophisticated. The company insists that its priority is to maintain Google Play and Android as reliable environments for downloading and using applications, in a context of growing threats at a global level, also in Spain and the rest of Europe.
1,75 million banned apps and 80.000 blocked developer accounts
The data shared by the company makes clear the scope of the problem and the solution: 1,75 million apps were blocked before being published on Google Play for violating the platform's security, privacy, or fraud policies. These apps ranged from attempts to introduce malware to services with hidden subscriptions or unjustified access permissions.
To cut the problem off at the root, Google closed more than 80.000 developer accounts deemed malicious.These accounts were linked to repeated attempts to upload deceptive or harmful software, which directly impacts user trust in the official store. Strengthening developer controls is one of the areas the company will continue to focus on in the coming years.
In parallel, the company has blocked that approximately 255.000 applications gained excessive access to users' confidential dataIn many cases, these were apps that requested permits that were unrelated with its actual function, a common pattern in tools that seek to collect personal information without a clear justification.
All this work is supported by a very demanding review system: Google Play performs more than 10.000 security checks for each app, combining automated analysis with human review to detect suspicious behavior before an app reaches the public.
Artificial intelligence, a key tool in the fight against increasingly complex attacks
One of the central messages of the report is that Artificial intelligence has become the heart of Google Play's defense systemThe company acknowledges that cybercriminals are also using AI to better camouflage their applications, modify attack patterns, and bypass traditional filters.
To respond to this leap in complexity, Google has integrated New models of generative AI in review and monitoring processesThese tools allow for faster detection of anomalous behavior, suspicious permission combinations, or patterns of financial fraud that might otherwise go unnoticed.
The firm explains that Android's security relies on a mix of automated analysis, account monitoring, and collaboration with cybersecurity experts.The goal is to stop threats at their source, preventing them from turning into real attacks such as data theft, unauthorized charges, or silent installation of spyware on the devices.
In this sense, AI tools also contribute to identify networks of developers that act in a coordinated mannerreappearing with new accounts after being blocked. By correlating technical and behavioral signals, Google tries to reduce this "cat-and-mouse game" that occurs when fraudulent profiles are closed and new ones emerge.
The company insists it will continue investing in AI-based defense systems to anticipate new attackers' tactics. The idea is that the user doesn't have to worry about every technical detail and can download applications from the official store with a reasonable level of peace of mind.
Google Play Protect: 27 million malicious third-party apps and 350.000 billion scans daily
Beyond the official store, much of the protection comes through Google Play Protect, the security solution built into AndroidThis system acts as a kind of permanent shield that analyzes the applications installed on the device, including those from [unknown sources]. sources other than Google Play.
According to the report, Play Protect analyzes more than 350.000 billion Android apps every day.This volume illustrates the extent to which app use has become widespread in the ecosystem. This continuous monitoring allows for the detection and neutralization of suspicious software even after it has been installed.
During 2025, Play Protect's real-time analytics capabilities enabled Identify more than 27 million malicious applications from outside the Play StoreIn many cases, these were installations initiated from browsers, messaging services, or third-party stores—a common way to sneak in malware or financial fraud tools.
The company also details the enhanced protection of Play Protect blocked 266 million attempts to install risky applicationsThese actions affected approximately 872.000 unique high-risk applications and were deployed on more than 2.800 billion Android devices across 185 markets, including Europe.
In the context of Spain and the European Union, where data protection regulations are particularly strict, These additional layers of security help reduce the impact of malware campaigns and online scams. which, in many cases, are distributed globally without regard for borders.
Financial fraud, phone scams, and the war against spam in reviews
The report also focuses on one of the issues that most concerns users and regulators: financial fraud through mobile applicationsGoogle Play Protect has strengthened its ability to detect apps that attempt to access bank details, intercepting verification codes or subscribing the user to paid services without their clear consent.
Among the key measures is the Specific protection against telephone scamsDuring active calls, the system prevents Play Protect from being deactivated, a tactic some criminals used to trick their victims into disabling the security feature and then installing a fraudulent app. This change aims to close a vulnerability that was being frequently exploited.
Another important line of work concerns the reputation of applications. Google claims to have 160 million reviews and ratings blocked for being considered spam or fraudulentMany of them were part of organized campaigns to manipulate the ratings of certain apps, either by artificially inflating them or launching negative review attacks to lower the average score.
By preventing these manipulation attempts, the company claims to have prevented an average drop of 0,5 stars in the evaluation of the targeted apps in these campaigns. For users, this means that the ratings and reviews they see on Google Play better reflect the real-world experience, which is key when deciding what to install on their mobile device.
In parallel, Special emphasis has been placed on curbing unjustified access to personal dataThis reinforcement aligns with the regulatory requirements of regions such as the EU, where the protection of privacy and control over user information are central elements of digital legislation.
An ecosystem under pressure and Google's plans to strengthen security
The figures for 2025 reflect an uncomfortable but evident reality: The volume of threats on Android grows in tandem with the massive use of smartphones and applicationsBlocking nearly two million apps in a single year not only speaks to Google's ability to control, but also to the magnitude of the problem that platforms face.
Android, as the dominant operating system worldwide, continues to be a prime target for cybercriminals. Every new feature, permission, or integration with financial services opens up potential avenues of attack that the company must monitor. Hence, Google speaks of a constant effort to maintain Google Play and Android as “the most reliable app ecosystems”.
Looking ahead to the coming years, the company is planning additional measures, such as the extension of mandatory identity verification to all developersThis requirement seeks to reduce the anonymity behind malicious apps and is linked to European regulatory demands regarding transparency and digital accountability.
Everything points to the combination of artificial intelligence, stricter controls on developers, and greater filtering of permissions and reviews This will continue to shape the company's roadmap. For users in Spain and the rest of Europe, the message is clear: downloading from the official store remains the safest option, but zero risk doesn't exist, and good security practices are still essential.
With the publication of this report, Google seeks to demonstrate the scope of its surveillance efforts: 1,75 million malicious apps stopped, tens of thousands of accounts closed, millions of fraud attempts blocked, and intensive use of AI to stay one step ahead of attackers. The impact of these figures is noticeable in the daily lives of users, who, although they don't see most of these threats, benefit from a more filtered ecosystem and security barriers that, at least for now, seem to be adapting to the pace of cybercrime.
