Google has taken strong action against harmful Android apps in 2024. The company blocked over 2.36 million policy-violating apps from entering the Google Play Store. Additionally, it banned 158,000 developer accounts that attempted to upload malicious apps.
By collaborating with third-party developers, Google also prevented 1.3 million apps from gaining unnecessary access to user data. Meanwhile, Google Play Protect identified 13 million malicious apps outside the Play Store, flagging them as security threats.
According to a report, over 91% of Play Store app installs now use the latest Android 13 security protections. This is due to strict policies and closer partnerships with developers.
Improved Security Measures
Google has also enhanced app security through the Play Integrity API. This feature helps developers detect whether their apps have been modified or are running in unsafe environments. As a result, unauthorized usage of apps from untrusted sources has dropped by 80%.
Furthermore, Google has automatically blocked sideloading of potentially unsafe apps in several regions. Countries like India, Nigeria, Thailand, and Vietnam have benefited from this move. Over 10 million devices were protected from 36 million risky app installations linked to 200,000 unique apps.
Emerging Malware Threats
Despite these efforts, mobile malware threats continue to evolve. Recently, researchers discovered Tria Stealer, a malicious app targeting users in Malaysia and Brunei. Attackers distribute this malware via WhatsApp and Telegram APK files. Once installed, it steals sensitive data, including SMS messages, call logs, and emails from apps like Gmail, Outlook, and WhatsApp.
Reports suggest that Indonesian-speaking cybercriminals may be behind the campaign. The stolen data is used to hijack messaging accounts and trick contacts into sending money. Additionally, Tria Stealer can intercept one-time passwords (OTPs), allowing hackers to access bank accounts and other online services.
Preventing Future Threats
To stay protected, users should only download apps from the Google Play Store. Additionally, they should enable Google Play Protect, avoid sideloading unknown APK files, and review app permissions before installation. Developers must also prioritize strong security measures to prevent malware infiltration.
