Google killed 700,000 malicious apps in the Play Store in 2017

Google's getting better: That's a 70 percent increase over the previous year due in part to machine learning.

If it seems like every day there is news of a malicious Android app being removed from the Google Play Store, your assumption is actually wrong.

It’s closer to 2,000 apps per day.

Google removed 700,000 malicious apps from the Google Play Store in 2017, according to Android product manager Andrew Ahn. That number represents a 70 percent increase over the previous year due in part to the increasing role of machine learning in detecting malware.

“Not only did we remove more bad apps, we were able to identify and action against them earlier,” Ahn wrote. “99 percent of apps with abusive contents were identified and rejected before anyone could install them.”


Despite the increase in removals, the operating system’s security tool, Android Play Protect, earned mediocre marks in tests against rivals.

Android is by far the most popular mobile operating system in the world, commanding well over 80 percent of the market share for mobile phones. That naturally leads to the software being a big target.

“Definitely some things slip past Google once in a while,” Christoph Hebeisen, an Android security researcher at Lookout, told CyberScoop earlier this month. “That said, I suspect it’s a tiny percentage of what’s actually thrown at them by malware developers. I think it’s just the sheer mass that something once in a while slips past.”

The majority of removals were malicious copycats of popular apps. That phenomenon reached its apex late last year when a fake WhatsApp was downloaded over 1 million times by Android users. This happens all the time and lures millions of users into mistakenly downloading malware from sources they thought they could trust.

Abusive apps were also removed in great numbers. Apps containing pornography, violence, hate and other illegal activities made up the second largest group of removals, totaling in the hundreds of thousands by the end of the year.


Malicious apps, called Potentially Harmful Applications (PHA) by Google, were “small in volume” but represent one of the most direct threats to Android security.

“Finding these bad apps is non-trivial as the malicious developers go the extra mile to make their app look as legitimate as possible, but with the launch of Google Play Protect in 2017, the annual PHA install rates on Google Play was reduced by 50 percent year over year,” Ahn wrote.

Some of 2017’s greatest malware hits include malicious adware getting 1.5 million downloads on the Play Store, the BankBot banking trojan stubbornly lurking in Google Play Store apps and a massive ad fraud operation from a South Korean company involving dozens of Play Store apps.
