Google blocked more than 1.75 million policy-violating apps from its Play Store in 2025 and removed over 80,000 malicious developer accounts, the company announced this week, as it increasingly relies on artificial intelligence to combat evolving cyber threats.
The surge in preventative action reflects a growing arms race between Google and threat actors who are leveraging AI to create more sophisticated malware, according to a report from Vijaya Kaza, Google’s vice president of App & Ecosystem Trust. Google has integrated AI models directly into its app review process, supplementing human reviewers to identify complex malicious patterns more quickly.
The company’s Android security measures now scan over 350 billion apps daily through Google Play Protect, its built-in malware scanner. In 2025 alone, Play Protect identified 27 million fresh malicious apps originating from sources outside the official Play Store. Real-time security features, including in-call scam protections, were also launched to safeguard users from fraud and other threats.
Researchers at ESET recently uncovered a new Android malware, dubbed PromptSpy, that exploits Google’s Gemini GenAI tool to maintain persistence on infected devices. PromptSpy utilizes Gemini to analyze onscreen elements and receive instructions on how to remain pinned in the recent apps list, preventing users from easily terminating the application. ESET researcher Lukáš Štefanko noted that while Gemini’s role in PromptSpy’s execution is currently limited, it demonstrates the potential for AI to enhance malware adaptability, allowing threat actors to automate actions previously requiring complex scripting.
PromptSpy is designed to deploy a Virtual Network Computing (VNC) module, granting attackers remote access to the victim’s device, including the ability to capture lockscreen data, gather device information, accept screenshots, and record screen activity. The malware appears to be financially motivated and targets users with branding related to Morgan Chase, with initial distribution focused on Argentina, according to ESET.
The emergence of PromptSpy coincides with a broader trend of AI-powered malware, prompting Google to bolster its defenses. The company’s efforts also included blocking 255,000 apps from requesting unnecessary sensitive data, such as location or photos, further enhancing user privacy.
Google has not commented on specific responses to PromptSpy beyond its general security updates. The company continues to refine its AI-driven security measures, with ongoing development and deployment of new defenses planned for the remainder of 2026.
