Updated on October 7 with reports emerging of dangerous malware returning to Play Store.
Google is on a mission to bridge the safety gap that currently sets Apple’s iPhone apart from its Android competition. There has been lots of chatter this week about the release date for Android 15, which will bring live threat detection: AI-powered Play Protect flagging dangerous apps in real time on devices. Google’s other headline act is a cull of the Play Store itself, and it’s now clear the store is changing more than ever before.
Since the updated policy went live on August 31, raising the bar for an app to access Play Store, I’ve been looking for indicators as to the scale of impact this might have. The question remains the extent to which this will genuinely reduce the threat from trivial, poorly developed apps used as trojans to sneak malicious code onto phones.
We’ve already seen a report from Statista, which showed that as of June 2024 the number of Play Store apps available was down by almost a million year-on-year. Even so, at 1.7 million titles there remains an expansive attack surface as the constant game of cat and mouse between bad actors and Google’s security team continues.
As notable as that is, the latest Statista report is even more stark, showing that the number of apps released monthly through Play Store is coming down rapidly. While this shows September’s “notable decrease compared to the previous month,” the drop is even more marked against a year ago: 29,000 now versus nearly 80,000 then. That is nothing, though, compared to March 2019, when 140,000 apps were released.
While all of this is very welcome (actively removing errant apps, raising the bar for new apps and updates, and screening app behavior on devices), the onus remains on users to reflect on which apps they allow onto their devices and to run their own app culls periodically, removing apps no longer in use or which err on the trivial side.
Google produces a helpful guide to the “four pillars of Android app quality” by which one can judge what should make the cut. The warning signs are obvious: poor user experience, features that fail to load, a general feel of poor development, over-stretching on permission requests, and a lack of genuinely useful or entertaining utility.
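One practical way to apply the “over-stretching on permission requests” warning sign is to compare what an app declares in its manifest against what an app of its stated kind plausibly needs. The following is an added example, not code from the article or from Google: the category baselines, the high-risk permission list and both sample manifests are constructed assumptions for illustration. On a real device the same check can be fed from an app’s actual AndroidManifest.xml (extracted with apktool) or from the permission list printed by `aapt dump permissions app.apk`.

```python
"""Permission audit for Android apps (added example, not the article's code).

Assumptions, all constructed for this example: the per-category baselines,
the HIGH_RISK set, and the two sample manifests below. Real apps should be
checked against their actual AndroidManifest.xml.
"""
import xml.etree.ElementTree as ET

# The android: attribute namespace used in every AndroidManifest.xml.
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Hypothetical baseline: permissions a simple app of each category plausibly needs.
EXPECTED = {
    "camera": {
        "android.permission.CAMERA",
        "android.permission.RECORD_AUDIO",
        "android.permission.READ_EXTERNAL_STORAGE",
        "android.permission.WRITE_EXTERNAL_STORAGE",
    },
    "flashlight": {"android.permission.CAMERA"},
}

# Permissions that expose sensitive data, cost money, or widen what the app
# can do on the device; worth a second look in any trivial app regardless of
# category (constructed list, not exhaustive).
HIGH_RISK = {
    "android.permission.READ_CONTACTS",
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.SEND_SMS",
    "android.permission.READ_PHONE_STATE",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE",
    "android.permission.REQUEST_INSTALL_PACKAGES",
}


def requested_permissions(manifest_xml: str) -> set:
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}


def audit(manifest_xml: str, category: str) -> dict:
    """Compare declared permissions with the category baseline.

    verdict: "ok"     - nothing outside the baseline
             "check"  - extra permissions, none on the high-risk list
             "review" - at least one high-risk permission requested
    """
    root = ET.fromstring(manifest_xml)
    perms = requested_permissions(manifest_xml)
    baseline = EXPECTED.get(category, set())
    unexpected = perms - baseline
    high_risk = perms & HIGH_RISK
    verdict = "review" if high_risk else ("check" if unexpected else "ok")
    return {
        "package": root.get("package"),
        "requested": sorted(perms),
        "unexpected": sorted(unexpected),
        "high_risk": sorted(high_risk),
        "verdict": verdict,
    }


# Constructed sample manifests (not real apps).
CAMERA_OK = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.simplecam">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
</manifest>"""

CAMERA_GREEDY = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.greedycam">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>"""


if __name__ == "__main__":
    for sample in (CAMERA_OK, CAMERA_GREEDY):
        result = audit(sample, "camera")
        print(result["package"], result["verdict"], result["unexpected"])
```

The baseline is deliberately a judgment call: the point is not that a given permission is always malicious, but that a “beauty camera” asking for contacts or phone state has no obvious reason to, and that mismatch is exactly the kind of signal the article’s warning signs describe.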
All of this has added significance at the moment, with Google pushing users to stick rigidly to Play Store and to avoid sideloading apps more than ever before. While that approach prompts mixed feelings across an Android community raised on materially lower restrictions than iPhone, to say nothing of recent legal challenges, it’s beyond doubt that sideloading carries high risks for users and their devices.
As welcome as this Play Store cull might be, there’s still work to be done. Four years ago, I reported on Joker malware beating Google’s defenses to make it onto the Play Store, with the team at Check Point warning that “Joker is one of the most sophisticated threats of its kind we have ever seen.” This malware secretly subscribes victims to premium services, with the first sign of infection being bill shock. At the time Check Point told me that “Play Store protections are not enough—although Google removed the malicious apps from the Play Store, we can fully expect Joker to adapt again. Everyone should take the time to understand what Joker is and how it hurts everyday people.”
Google itself has warned about Joker (aka Bread). “We first started tracking Bread (also known as Joker) in early 2017,” the company said in January 2020, explaining that “as the Play Store has introduced new policies and Google Play Protect has scaled defenses, Bread apps were forced to continually iterate to search for gaps. They have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected. Many of these samples appear to be designed specifically to attempt to slip into the Play Store undetected and are not seen elsewhere.”
Fast forward to September 2024, and while Google assured back in 2020 that “Play Protect has defended against a well organized, persistent attacker and share examples of their techniques,” Joker has just turned up on Play Store again. This time its victims are in Poland and have been infected through a “Beauty Camera” app. CERT Polska says the app was still available as of October 1, and already has “more than 100,000 downloads with the last update being published on September 17.”
Joker’s unrivalled hide and seek skills show no signs of diminishing: “Once downloaded and installed by the user, the interface itself does not look malicious and matches the description on Google Play Store: The beauty camera can replace the camera software on your original phone, allowing you to better capture beautiful memories.”
Poland today, somewhere else tomorrow, so be very wary of these kinds of trivial apps on Play Store, the cull notwithstanding. As CERT Polska explains, the concept of operations has not changed, with the app’s “sophisticated and malicious mechanism designed to get users to subscribe to premium services without their knowledge or consent. The application uses a multi-step process that employs encrypted communications, obfuscated code and unauthorized access to sensitive user data.”
And so, while Google ups its defenses and kicks ever more apps from Play Store, make sure you still keep an eye on those you let onto your device. Don’t be tricked into installing trivial apps you don’t need. And also make sure Play Protect is enabled on your phone.