tapjacking Archives

AppWizard

February 20, 2026

Google banned 80,000 developer accounts, blocked 27 million dangerous apps from outside Google Play and more: How Google kept Android users safe in 2025 – The Times of India

Google's annual review highlighted its security measures for Android and Google Play, reporting that in 2025, it prevented over 1.75 million policy-violating apps from being published and banned more than 80,000 developer accounts. Google Play conducted over 10,000 safety checks on every app, blocked 160 million spam ratings, and Google Play Protect scanned over 350 billion Android apps daily. New fraud protection features were introduced, blocking 266 million risky installations and protecting users from 872,000 high-risk applications. Developer tools were enhanced with Play Policy Insights and expanded pre-review checks, while the Play Integrity API conducted over 20 billion checks daily. Google plans to invest further in AI-driven defenses and implement developer verifications in 2026.

AppWizard

February 20, 2026

Google cleans house, bans 80,000 developer accounts from the Play Store

Google blocked the publication of over 1.75 million policy-violating applications on its Google Play platform in 2025 and took action against over 80,000 developer accounts attempting to introduce harmful apps. The company conducted more than 10,000 safety checks on every app and integrated generative AI models into its app review process, preventing over 255,000 apps from gaining excessive access to sensitive user data. Google blocked 160 million fake or manipulated ratings and reviews in the previous year and identified more than 27 million new malicious apps from outside Google Play, thwarting 266 million risky installation attempts in 2025. Google introduced in-call scam protection to prevent users from disabling Google Play Protect during phone calls. The Play Policy Insights tool provides developers with real-time feedback, and the Play Integrity API performs over 20 billion daily checks to prevent abuse. Google plans to extend developer verification to all developers and has implemented protections for sensitive data in Android 16.

AppWizard

February 20, 2026

Keeping Google Play & Android app ecosystems safe in 2025

The Android ecosystem focuses on preventing real-world harm, including malware and privacy invasions, by enhancing investments in AI and real-time defenses. In 2025, over 1.75 million policy-violating apps were prevented from being published, and more than 80,000 malicious developer accounts were banned. Google Play conducts over 10,000 safety checks on each app, blocking over 255,000 apps from accessing sensitive user data and 160 million spam ratings and reviews. Google Play Protect scans over 350 billion apps daily, identifying over 27 million new malicious apps last year. Enhanced fraud protection was expanded to 185 markets, blocking 266 million risky installation attempts. Developer tools like Play Policy Insights and the Play Integrity API were introduced to streamline app development and enhance security. Developer verification is being extended to ensure accountability, and Android 16 includes features to protect sensitive information with minimal code.

AppWizard

February 19, 2026

Google blocked over 1.75 million Play Store app submissions in 2025

Google blocked over 255,000 Android apps from gaining excessive access to sensitive user data and rejected more than 1.75 million apps from publication on Google Play due to policy violations. The company banned over 80,000 "bad developer accounts" and detected more than 1.75 million policy-violating apps. Google blocked 160 million spam ratings to prevent an average 0.5-star drop in targeted apps. Play Protect scans over 350 billion apps daily, identifying over 27 million malicious apps sideloaded from outside Google Play, and successfully blocked 266 million installation attempts from 872,000 unique risky apps. The Play Integrity API processes over 20 billion checks daily, and new hardware-backed signals and in-app remediation prompts were introduced in 2025. Android 16 includes built-in protections against “tapjacking attacks.”

AppWizard

February 19, 2026

Android security gets aggressive as Google bans thousands of developers and millions of sketchy apps

Google has reported significant improvements in app security for Android in 2025, preventing over 1.75 million policy-violating apps from entering the Play Store and removing more than 80,000 developer accounts attempting to distribute malware. The integration of AI models into the app review process has enhanced the speed and accuracy of identifying malicious patterns. Additionally, Google blocked over 255,000 apps from requesting unnecessary sensitive data and eliminated 160 million spam ratings and reviews. Google Play Protect now evaluates over 350 billion apps daily, identifying 27 million new malicious apps outside the Play Store and blocking 266 million risky installation attempts across 185 markets. A new measure has been implemented to prevent users from disabling Play Protect during phone calls to combat social engineering tactics. Future plans include democratizing developer verification and simplifying protection against "tapjacking" attacks in Android 16.

AppWizard

July 12, 2025

New Android TapTrap attack fools users with invisible UI trick

A new tapjacking technique called TapTrap can exploit user interface animations on Android devices, bypassing the permission system and potentially allowing access to sensitive data or harmful actions. TapTrap operates with zero-permission applications, layering a transparent activity over a malicious one. This vulnerability exists in both Android 15 and 16. Developed by researchers from TU Wien and the University of Bayreuth, TapTrap manipulates activity transitions using custom low-opacity animations, making risky prompts nearly invisible to users. An analysis of nearly 100,000 apps revealed that 76% are vulnerable to TapTrap due to specific conditions related to activity launching and animation handling. The attack has been confirmed on Android 16, including tests on a Google Pixel 8a. GrapheneOS has acknowledged its vulnerability to TapTrap and plans to include a fix in its next release. Google is aware of the issue and intends to address it in a future update.