Google Play Protect Archives

AppWizard

May 27, 2026

Google could soon flag the dead Android apps hiding on your phone

Google is developing a new notification system for the Play Store that will inform users when an installed app has been removed, providing tailored messages based on the number of affected apps. Currently, Google Play Protect only alerts users about harmful apps but does not notify them about apps that are voluntarily removed or delisted for policy violations. The new system aims to address this gap by notifying users that apps will no longer receive updates, which is a concern for security and functionality. There is no specific timeline for the release of this feature, and the findings are based on code snippets that may not all make it to the final version.

AppWizard

May 26, 2026

Google might soon start warning you about dead Android apps on your phone

Google is developing a feature to alert users when an app installed on their device has been removed from the Play Store. Currently, users do not receive notifications about apps that have been delisted for non-security reasons. Recent findings from an APK teardown of the Google Play Store v51.4.19 indicate that users may soon receive notifications regarding inactive or delisted apps, focusing on keeping them informed about updates. This update aims to help users declutter their devices by notifying them of apps that will no longer receive updates. The timeline for the rollout of these notifications is not yet clear.

AppWizard

May 26, 2026

Google Play Store could soon warn you about dead Android apps on your phone

Google is working on enhancing its notification system for app removals from the Play Store. Currently, users do not receive alerts when an app is removed for reasons other than serious security violations. The latest version of the Google Play Store (v51.4.19) contains code indicating a new feature that will notify users when an installed app has been removed, informing them that the app will no longer receive updates. Notifications will vary based on the number of affected apps, providing clear communication to users. These features are still in development and may not be guaranteed for public release.

AppWizard

May 26, 2026

Is your phone bill higher? 200+ Android apps might secretly be stealing money from you

A new type of malware has emerged that targets smartphone users by inflating phone bills through unauthorized carrier subscriptions. Discovered by cybersecurity firm Zimperium, this operation involves nearly 250 counterfeit Android applications that impersonate popular apps like TikTok and Instagram. Once downloaded, the malware uses advanced techniques such as JavaScript injection and SIM card access to enroll users in fictitious premium services without their knowledge. The scam has primarily affected users in Malaysia, Romania, Thailand, and Croatia, with Malaysia accounting for 85% of the victims. Google has confirmed that these malicious apps are not available on the Play Store and that users are protected by Google Play Protect. Despite a peak in activity in September 2025, parts of the scam's infrastructure remain operational, with the last recorded activity in January 2026. Users are advised to practice online security measures to protect their personal data.

AppWizard

May 25, 2026

Over 200 Fake Android Apps Are Quietly Stealing Money From Phone Bills

Zimperium identified a sophisticated malware campaign that exploited nearly 250 Android applications, posing as popular games and social media platforms. The malware ensnared users into premium subscription services without consent, using techniques like JavaScript injection and interception of one-time passwords. The campaign primarily targeted users in Malaysia, Romania, Thailand, and Croatia, with the malware capable of reading SIM cards and activating for specific mobile carriers. Zimperium first detected the scam in March 2025 and monitored it until at least January 2026. Google stated that none of the compromised applications were available on its app store and emphasized that Android users are protected by Google Play Protect. The hackers deployed three malware variants, with the first using an automated subscription engine, the second targeting users in Thailand with premium SMS messages, and the third combining SMS fraud with real-time notifications to attackers via Telegram. The campaign primarily affected Malaysian SIM card users, with significant activity also in Thailand and Romania. Despite the campaign's last known activity in January, parts of its infrastructure remain operational. The attacks highlight vulnerabilities in application security and the challenges of policing app downloads from third-party marketplaces.

AppWizard

May 18, 2026

After fixing a family friend’s phone, I realized Google Play Protect is not doing enough

An elderly relative and a friend were misled into downloading problematic apps due to deceptive advertisements that appeared as system notifications. These ads led users to the Play Store under false pretenses, resulting in the installation of apps that generated excessive ads and altered user interfaces. In one case, a user unknowingly installed a launcher app disguised as a messaging application, which compromised her device's functionality and privacy by requesting excessive permissions. Google Play Protect failed to identify the problematic app, which continued to generate ads even after its removal. The app's misleading title and vague description contributed to the confusion, highlighting the need for improved safeguards in the Play Store to protect less tech-savvy users.

AppWizard

May 18, 2026

Why There’s Simply No Need For Android Antivirus Apps Anymore

Android users are advised to avoid clicking on random links and sideloading applications to maintain safety. Threats such as phishing scams, deceptive pop-ups, and malicious links still exist in the Android ecosystem. Android includes built-in security features like Google Play Protect, which scans applications for malware and alerts users to threats, and Google Safe Browsing, which warns against hazardous websites. Monthly security updates are released to patch vulnerabilities, but the speed of these updates can vary by manufacturer. Users should avoid downloading apps from unverified sources, regularly review app permissions, and install security updates promptly. While antivirus applications can be useful, cultivating smart usage habits is crucial for effective security.

AppWizard

May 15, 2026

Android 16 Bug Allows Apps to Ignore VPNs and Leak IP Addresses

Android 16 may have a vulnerability that allows applications to bypass VPN protections, potentially exposing users' IP addresses. A security engineer reported this issue through Google’s Vulnerability Reward Program, but Google's security team deemed it "infeasible" to address. The vulnerability lies within the ConnectivityManager system service, which circumvents the VPN tunnel, leading to unencrypted traffic and exposure of sensitive information. This issue persists even with "Always-on VPN" or "Block connections without VPN" features enabled. Although there is no confirmed exploitation of this vulnerability, it poses ongoing risks for users. GrapheneOS has patched the issue, indicating a fix is possible. A debug command has been identified as a temporary workaround for affected users, but it requires caution and understanding of USB debugging mode.

AppWizard

May 11, 2026

Google warns 7 million Android users to delete these 28 fake apps

28 Android applications were removed from the Google Play Store after being identified as scams by security researchers at ESET. These apps, part of a campaign called “CallPhantom,” falsely claimed to provide access to private call logs, SMS records, and WhatsApp activity. They attracted millions of downloads despite lacking legitimacy, offering fabricated data such as fake phone numbers and bogus call durations. Some apps charged users for “detailed reports” that either never arrived or contained nonsensical information. The apps did not steal phone data or install malware but instead promised illicit access and generated fictitious data. The primary targets of this scam were users in India and the Asia-Pacific region.

AppWizard

May 8, 2026

Android alert: 7 million users downloaded ‘stalking’ apps that were actually scams

Security researchers at ESET uncovered a scam involving 28 applications named "CallPhantom," which collectively amassed over 7.3 million downloads on the Google Play Store. These apps promised access to call histories, SMS records, and WhatsApp call logs for any phone number, raising privacy concerns. They requested intrusive permissions from users' devices, leading to potential privacy violations. Payment structures varied, with some using Google Play's billing system and others circumventing it through third-party methods. ESET reported the apps to Google in December 2025, resulting in their removal from the Play Store. A recent search confirmed that these apps are no longer available.