Photo of Google HQ Entrance in London
© William Barton/Shutterstock.com
No AI-generated content: this article is written and researched by humans
Table of contents

Google blocked 1.43 million potentially dangerous apps from being published on the Play Store in 2022, the company revealed in a blog post on Thursday. Google also banned 173,000 developer accounts and prevented fraudulent transactions that amounted to over $2 billion.

According to Google, this was partly due to enhanced security features and policies, improvements to its app review processes, and its continued investment in machine learning systems.

Over the past three years, Google has prevented 500,000 apps from “unnecessarily accessing sensitive permissions.” These revelations shed light on Google’s work behind the scenes to limit malicious activities on the Play Store. The company has come under criticism in recent years for the seemingly lax security of the Play Store.

Last year, security researchers at Zimperium found 470 malicious apps on Google’s Play Store that spread malware to about 100 million Android devices. Cybercriminals use various devious techniques to escape Google’s security measures.

Earlier this month, Kaspersky released a report revealing that hackers charge between $2,000 to $20,000 to “trojanize” apps on the Play Store. One way they do this is by delivering malicious code as updates to apps on the Play Store. If you have such an app on your phone, you may be oblivious to its nefarious activities if you’re not using real-time antivirus software.

Google’s Efforts to Keep the Play Store Safe

In 2022, Google’s App Security Improvements program helped developers remedy about 500,000 security issues affecting about 300,000 apps. The company also launched the Google Play SDK (Software Development Kit) Index to help developers assess the safety and reliability of SDKs.

Also, in 2022, Google’s Play Store became “the first commercial App Store to recognize and display a badge for any app that has completed an independent security review through App Defense Alliance’s Mobile App Security Assessment (MASA).” MASA uses the Open Worldwide Application Security Project’s (OWASP) Mobile Application Security Verification Standard — the “most widely adopted set of security requirements for mobile applications.”

“And we piloted the Google Play Developer Community so more developers can discuss policy questions and exchange best practices on how to build safe apps,” Google said in its blog post.

A new Target Level API policy also protects Android users “from installing apps that may not have the full set of privacy and security features offered by the latest versions of Android,” the Google Security blog said.

Google also worked on new app license requirements to fight app impersonation and expanded the App Defense Alliance to “protect Android users from bad apps through shared intelligence and coordinated detection.” The App Defense Alliance is supported by major antivirus providers like McAfee, Trend Micro, ESET, and Lookout.

How to Steer Clear of Dangerous Play Store Apps

Google’s Play Store is the world’s largest app store. The sheer size of the store means that some malicious apps may pass through Google’s security filters undetected. While Google’s new approach will cut down the malicious apps that make it to the store, users must be vigilant and learn how to spot shady apps.

We recommend only downloading apps from trusted developers and brands. Also, assess the ratings and reviews an app has before downloading it. Assess the device permissions an app requires to run — if they are invasive, this may be a red flag. Ensure your Android device is set to automatically receive updates so you don’t miss out on vital security patches.

While we don’t recommend downloading apps from outside the Play Store, if you do, upload the APK file to VirusTotal for analysis. This site allows you to scan Android apps for viruses and malware. It leverages over 70 antivirus scanners to identify infected codes and scripts within an app’s installation files.

If you suspect your phone has been infected with malware, check out our Android malware removal guide for information about how to rid your device of viruses, worms, and other threats.

Leave a comment