Google blocked 1.2 million apps from the Play Store in 2021 as it expanded safety and privacy controls in the wake of dodgy app and malware developers running rampant on the Android app market.
In a blog post, Steve Kafka and Khawaja Shams of the Android Security and Privacy Team described how their team had been cleaning up the Play Store in the past 12 months.
“Last year we introduced multiple privacy focused features, enhanced our protections against bad apps and developers, and improved SDK data safety,” Kafka and Shams said.
“In addition, Google Play Protect continues to scan billions of installed apps each day across billions of devices to keep people safe from malware and unwanted software.”
Along with the 1.2 million blocked apps, Kafka and Shams said they had banned 190,000 accounts of bad actors and closed 500,000 inactive or abandoned developer accounts.
Google Play has been host to malicious applications that security researchers have uncovered in the last few years including the infamous Joker trojan that was packaged into 24 apps that were downloaded a total of 500,000 times.
Like other ‘fleeceware’ apps that appear on both Android and Apple app stores, Joker created automatic premium subscriptions for unwitting users, charging them for services they didn’t use.
Another trojan on the Google Play store hijacked people’s accounts to leave fake reviews on websites and app stores by using accessibility services to control devices undetected.
Google said it has since cut the number of apps using unnecessary accessibility services by limiting the function to certain apps that legitimately help people living with disabilities or facing other challenges when using devices.
In the middle of last year, a series of apps that were stealing Facebook credentials was found on the Play Store and had been downloaded a total of six million times before they were removed and the apps’ developers banned from submitting to Play.
Google said it continues to improve the machine learning processes that spot and remove these kinds of malicious apps and it has started cracking down on sketchy third-party software development kits (SDKs) “to improve app safety” and “limit how user data is shared”.