Mishaal Rahman / Android Authority
TL;DR
- Google says it’s been increasingly relying on AI to counter AI-powered malware, strengthening Android defenses before threats reach users.
- Over 1.75 million harmful apps were blocked from the Play Store in 2025, alongside 80,000 malicious developer accounts.
- Privacy protections tightened, with 255,000 apps blocked from requesting unnecessary sensitive data like location or photos.
Artificial intelligence is helping hackers find new ways to sneak malware onto your phone, so Google is fighting fire with fire. The Android world has always been a back-and-forth battle, but in 2025, Google cranked up its machine-learning defenses to catch scammers before they reach the Play Store.
A new report from Vijaya Kaza, Google’s vice president of App & Ecosystem Trust, says Google stopped over 1.75 million policy-breaking apps from reaching the Play Store last year. It also removed more than 80,000 developer accounts trying to publish harmful apps.
How is Google making this happen? The answer is AI. The company says it has added AI models directly into the app review process. Human reviewers are still involved, but the AI helps find complex malicious patterns much faster than a person could by manually reviewing code.
Don’t want to miss the best from Android Authority?
You also get more privacy protection automatically. Last year, Google blocked over 255,000 apps from asking for too much sensitive data, like location requests from apps that don’t need it or photo access for a calculator. Developers also get help from tools like Play Policy Insights in Android Studio, which point out possible issues while they are still writing code.
Spam is also being tackled. In 2025, Google blocked 160 million spam ratings and reviews, including fake five-star campaigns and organized efforts to lower an app’s score. The company says it stopped an average 0.5-star drop for apps targeted by review bombing.
The protections go beyond the Play Store. Google Play Protect, Android’s built-in malware scanner, now checks over 350 billion apps every day. Last year, its real-time scanning found 27 million new malicious apps from outside Google Play. If you have ever installed an app from an untrusted website, you may have seen a warning appear. That is Play Protect at work.
This feature is also improving. Enhanced fraud protection now blocks installations from internet sources, such as browsers or messaging apps, that request sensitive permissions. In 2025, it launched in 185 markets, covering 2.8 billion devices, and stopped 266 million risky installation attempts. That means 266 million times someone avoided installing something dangerous.
Google also made changes to fight social engineering. If you are on a phone call, Play Protect now removes the option to turn it off. This is because scammers often try to convince people to disable their protections while they are distracted. Now, that method no longer works.
Looking forward, Google says it will open developer verification to everyone this year, including students and hobbyists, but with a simpler process. In Android 16, a single line of code can now protect sensitive information, such as banking logins, from “tapjacking” attacks.
Thank you for being part of our community. Read our Comment Policy before posting.
