Rising Threat on Android
Security firm Zscaler ThreatLabz reports a sharp 67% year-over-year increase in Android malware. Between June 2024 and May 2025, researchers identified 239 malicious applications on the official Google Play Store. These apps, often disguised as productivity or utility tools, were installed over 42 million times.
Shift in Attack Focus
Cybercriminals have pivoted from traditional credit card scams to mobile payment theft. They deploy spyware, banking trojans, and phishing tools to capture login details and enable unauthorized transactions. The most affected regions include India (26%), United States (15%), Canada (14%), Mexico (5%), and South Africa (4%).
Specific Malware Campaigns
- Android Void infected 1.6 million smart TV boxes, mainly in India and Brazil.
- A Remote Access Trojan (RAT) named Xnotice targeted job seekers in oil and gas across the Middle East and North Africa.
- Adware dominated threats at 69%, while the Joker malware family fell to 23% from 38% the previous year.
Google’s Response and Controversy
Google is rolling out a mandatory developer verification program. Starting soon, all Android app creators must:
- Submit personal information
- Provide government-issued ID
- Pay a registration fee
Non-compliant developers will lose the ability to distribute apps—even outside Google Play, including third-party sites. This effectively restricts sideloading, the practice of installing apps from unofficial sources.
Google justifies the move by claiming sideloading introduces 50 times more malware than Play Store apps. However, critics like F-Droid argue Google has provided no public evidence to support this statistic. They accuse the company of using security as a pretext to tighten control over the Android ecosystem.
Irony and Criticism
The timing raises eyebrows. Just as Google pushes to curb sideloading, a major report exposes widespread malware inside its own store. Commenters point out that low-install apps with ad fraud or repackaged open-source code often evade detection during review. Google Play Protect only flags issues after real users install them. Meanwhile, alternative stores like F-Droid report near-zero malware incidents over years.
User Caution Advised
Experts urge Android users to:
- Scrutinize app permissions and developer names
- Avoid apps with excessive ads or unrealistic promises
- Consider reputable alternatives for sensitive tasks
Despite Google’s vetting, the Play Store remains a prime target for sophisticated threats.
You may like: Musk Eyes Massive In-House Chip Factory to Power Tesla’s AI and Robotics Ambitions
News Source: Ghacks.net
