Google blocked thousands of developer accounts to stop malware

Play Store
(Image credit: senengmotret /

Google has revealed it banned hundreds of thousands of hostile accounts and removed more than a million malicious apps from its mobile app repository in 2022 as part of its efforts to keep the Play Store a secure environment for developers and consumers alike. 

In its yearly report on bad apps, Google outlined how it prevented 1.43 million policy-violating apps from being published on Google Play during 2022.

Furthermore, Google said it banned 173,000 bad accounts, and prevented more than $2 billion in fraudulent and abusive transactions, along with further investing in machine learning systems and app review processes, which resulted in improved security features and enhanced policies. 

Identity verification improvements

To better protect its developer community, as well as Android users, from threat actors, Google says it has made it more difficult to enter the Play ecosystem. Now, developers need to verify their identities with phone, email, and other verification methods. As a result, there were fewer accounts disseminating apps that were in violation with Google Play Policies. 

“We continued to partner with SDK providers to limit sensitive data access and sharing, enhancing the privacy posture for over one million apps on Google Play,” the company said, adding that over the last three years, it prevented some 500,000 apps from unnecessarily accessing sensitive permissions. What’s more, last year the App Security Improvements program helped devs fix approximately 500,000 security weaknesses found in some 300,000 apps. Cumulatively, these apps were installed more than 250 billion times. 

“We also launched the Google Play SDK Index to help developers evaluate an SDK’s reliability and safety and make informed decisions about whether an SDK is right for their business and their users,” the company added. 

Finally, it launched new features and resources to better support developers, and expanded its Helpline pilot, all of which resulted in a “better policy experience,” Google concluded. 

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.