Google blocked approximately 2.36 million Android apps from reaching the Google Play Store in 2024 and banned more than 158,000 developer accounts for attempting to distribute malware and other policy-violating software, the company disclosed in its latest annual security report. The numbers represent a significant escalation in enforcement compared with prior years and reflect both the growing sophistication of bad actors and Google’s expanding use of artificial intelligence to detect threats before they reach consumers.
The scale of the operation is staggering. According to TechRadar, Google also prevented 1.3 million apps from gaining excessive or unnecessary permissions that could have compromised user data. The company credited AI-assisted reviews for more than 92% of its human evaluations of harmful apps, allowing its trust and safety teams to act faster and with greater precision than in any previous year.
AI-Powered Reviews Are Now the First Line of Defense
Google’s deployment of machine learning models to screen app submissions has been underway for several years, but 2024 marked a turning point. The company said AI now assists in the vast majority of enforcement actions, helping analysts identify obfuscated malicious code, deceptive privacy practices, and policy violations that might otherwise slip through manual review. The result is a system that can process millions of submissions while flagging the most suspicious entries for human analysts to examine more closely.
The 2.36 million rejections represent apps that were stopped before they ever appeared on the Play Store. That figure is up from 2.28 million in 2023, which itself was a sharp increase from 1.43 million in 2022. The trajectory suggests that the volume of attempted abuse is rising in tandem with Google’s ability to detect it. Bethel Otuteye, senior director of product management for Android security, wrote in a Google Security Blog post that the company’s goal is to make Google Play “the most trusted source for Android apps worldwide.”
Developer Account Bans Reach Record Levels
Beyond individual app rejections, Google took action against the accounts behind the abuse. The company banned more than 158,000 developer accounts in 2024 for attempting to publish malware or repeatedly violating store policies. This is a notable increase from the 333,000 accounts banned over the prior three years combined, as reported by TechRadar, which indicates that Google has significantly tightened its enforcement posture.
The crackdown on developer accounts is a strategic choice. Removing a single malicious app does little if the developer behind it can simply create a new listing under the same or a slightly altered identity. By targeting the accounts themselves, Google aims to raise the cost of doing business for bad actors who treat app store abuse as a volume operation. The company has also strengthened its identity verification requirements for new developer accounts, making it harder to register under fraudulent credentials.
The Sideloading Problem and Google Play Protect
While Google Play remains the primary distribution channel for Android apps, the open nature of the Android platform means users can install software from third-party sources—a practice known as sideloading. This is where a significant portion of the remaining risk lies. Google reported that its on-device security system, Google Play Protect, identified more than 13 million new malicious apps originating from outside the Play Store in 2024.
Google Play Protect runs on virtually every Android device with Google Mobile Services and performs real-time scans of installed applications, regardless of their source. The system uses on-device machine learning to detect apps that behave in suspicious ways, such as attempting to harvest credentials, intercept text messages, or overlay fake login screens on top of legitimate banking applications. Google said Play Protect now performs more than 10 billion scans per day across the global Android device base.
SDK Transparency and Third-Party Code Risks
One of the more technical dimensions of Google’s enforcement efforts involves software development kits, or SDKs—prepackaged code libraries that developers embed in their apps to add functionality such as advertising, analytics, or social media integration. Malicious or poorly secured SDKs can introduce vulnerabilities into otherwise legitimate apps, often without the developer’s knowledge. Google said it worked with SDK providers throughout 2024 to limit the scope of data that third-party code can access and to improve transparency around what SDKs actually do once installed on a user’s device.
The company expanded its SDK transparency requirements, asking developers to disclose which SDKs their apps use and what data those SDKs collect. Google also introduced new restrictions on SDK behavior, including limits on background data collection and stricter rules around the use of persistent device identifiers. These measures are designed to address a class of privacy risks that traditional app review processes often miss, since the problematic behavior originates in code the app developer did not write.
How the Numbers Compare With Apple’s App Store
Apple, which operates the only other major mobile app marketplace, has historically published its own enforcement statistics in an annual transparency report. In its most recent disclosure, Apple said it rejected approximately 1.7 million app submissions and removed roughly 374,000 apps from the App Store for various violations in 2023. While the numbers are not directly comparable—Apple’s App Store receives fewer submissions overall due to the smaller developer base and more restrictive upfront requirements—they suggest that both platform operators are dealing with a rising tide of abusive submissions.
The philosophical difference between the two platforms remains stark. Apple maintains tight control over app distribution, prohibiting sideloading on iPhones in most markets (though regulatory pressure in the European Union has forced some concessions). Google, by contrast, allows sideloading as a core feature of Android’s open architecture but compensates with Play Protect and other on-device defenses. The debate over which approach better serves consumers continues to play out in regulatory proceedings and antitrust cases on both sides of the Atlantic.
Fraud, Financial Malware, and the Human Cost
Behind the statistics are real victims. Financial malware—apps designed to steal banking credentials, intercept one-time passwords, or trick users into authorizing fraudulent transactions—remains one of the most damaging categories of mobile threat. Google said it blocked tens of thousands of apps with financial fraud capabilities in 2024, many of which targeted users in emerging markets where mobile banking adoption is growing rapidly and digital literacy may be lower.
The company also flagged a rise in apps that use social engineering tactics, such as impersonating well-known brands or government agencies, to trick users into providing personal information. These apps often pass initial automated screening because they contain no overtly malicious code; instead, they rely on deceptive user interfaces and misleading claims to extract data from users who believe they are interacting with a legitimate service. Detecting these apps requires a combination of automated content analysis and human judgment, which is why Google’s AI-assisted review model has become central to its enforcement strategy.
What Comes Next for Android Security
Google has signaled that it intends to further tighten Play Store policies in 2025. The company is expected to introduce additional restrictions on apps that request sensitive permissions, such as access to SMS messages, call logs, and location data, without a clear and justified need. It is also expanding its pilot programs for real-time app scanning during installation, which would allow Play Protect to block known threats before they are fully installed on a device.
The broader context is one of escalating stakes. As mobile devices become the primary computing platform for billions of people worldwide, the app stores that serve them have become critical chokepoints for security. Google’s 2024 numbers show that the company is investing heavily in defending that chokepoint, but the sheer volume of malicious submissions—nearly 2.4 million in a single year—underscores the magnitude of the challenge. For developers, security researchers, and the billions of Android users who depend on Google Play, the arms race between platform defenders and app-based attackers shows no sign of slowing down.
from WebProNews https://ift.tt/yu18mWs
No comments:
Post a Comment