Official app stores promise safety, but hundreds of malicious apps bypass review every year. For impersonated brands, the damage compounds before anyone notices.
In late 2025, security researchers at Zscaler published findings that had become grimly familiar: 239 malicious apps had bypassed Google Play’s security review between June 2024 and May 2025, accumulating over 42 million downloads before detection. Weeks later, Bitdefender disclosed a separate campaign involving 331 apps with 60 million downloads, many of which had bypassed Android 13’s security restrictions entirely. The combined download volume exceeded 100 million, and neither report claimed to capture the full scope of the problem.
The pattern has repeated for years. Every major security vendor eventually publishes similar findings: hundreds of apps, tens of millions of downloads, eventual removal after victims have already been compromised. What makes this persistent is not a failure of effort on Google’s part, but rather a structural mismatch between how app review works and how attackers have learned to exploit it.
The gap between app store security and reality
Official app stores market themselves as curated environments where users can download with confidence. Google Play Protect scans submissions for malware, checks behavior against known threat signatures, and removes apps when researchers report them. Apple’s review process examines code before publication. Both platforms invest heavily in security, and both catch enormous volumes of malicious submissions before they ever reach users.
The difficulty is that catching malware at review time requires the malware to be present at review time. Zscaler’s analysis found a 67 percent year-over-year increase in mobile malware transactions, with banking trojans and spyware representing the most common threats. The malicious apps that reach official stores typically masquerade as utility applications, productivity tools, QR scanners, and wallpaper apps, categories where users expect simple functionality and don’t scrutinize permissions closely.
What makes these apps difficult to catch is their architecture. Bitdefender’s researchers noted that the apps initially appear benign, passing review without triggering alerts. Malicious functionality activates only after installation, often loading from remote servers rather than residing in the app code itself. Some campaigns evolved their evasion techniques mid-stream, shifting from manifest-declared components to string-obfuscated references that automated scanning missed. The app that Google reviews is not the app that eventually runs on a user’s device.
How fake apps exploit brand trust
For organizations whose brands are impersonated, the app store problem creates a specific kind of exposure that differs from website-based brand impersonation. When a fake banking app or cryptocurrency wallet appears on an official store, it carries implicit platform endorsement. Users reasonably assume that apps available through Google Play or the App Store have passed some threshold of legitimacy, which makes impersonation more effective than equivalent attacks hosted on standalone domains.
Cyble researchers documented more than 20 malicious Android apps on Google Play impersonating cryptocurrency platforms including SushiSwap, PancakeSwap, Binance, and Raydium. The apps used legitimate branding, icons, and interface designs to convince users to enter seed phrases, which were then exfiltrated to attacker-controlled servers. The FBI has warned repeatedly about fake crypto apps using names and logos of actual financial institutions to steal funds, identifying 244 victims and $42.7 million in losses from a single campaign.
The challenge for impersonated brands is response time. A rogue app can accumulate thousands of downloads before the brand’s security team becomes aware it exists, and the takedown process through app stores can take days or weeks depending on how quickly the platform responds. By the time an impersonating app is removed, victims have already been compromised, and the brand suffers reputational damage that persists even after the threat is addressed.
Why malicious apps consistently bypass review
The persistence of malicious apps on official stores reflects several structural factors that work in attackers’ favor. Google Play receives millions of app submissions annually, which means review processes must optimize for scale rather than depth. Automated scanning catches known malware signatures and obvious policy violations effectively, but novel evasion techniques can slip through until enough samples accumulate for patterns to emerge.
The most effective evasion exploits the gap between review and runtime. Apps that behave normally during review and only activate harmful functionality after installation, or after a delay, or only for users in specific geographic regions, are inherently difficult to catch through pre-publication analysis. Bitdefender observed apps that loaded phishing pages targeting Facebook and YouTube credentials, displayed through what appeared to be standard advertising frameworks. The line between aggressive advertising and credential theft can be ambiguous when the malicious content loads dynamically from external servers.
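The review-time versus runtime gap described here, together with the remote loading and string obfuscation noted earlier, illustrated as an added example that is not from the original article or any vendor report: a static triage heuristic over constructed APK strings (hypothetical app, package and URL names) that decodes base64-looking constants and flags loader references, classes the manifest never declares, and region-gating hints that a plain string scan would miss.

```python
import base64
import re
# Constructed sample of what a static triage pass extracts from an APK: the
# components the manifest declares and the string constants in the compiled code.
# Hypothetical app; not taken from any real sample. encode_literal stands in for
# the base64 literals an obfuscated app carries in place of plain class names.
encode_literal = lambda s: base64.b64encode(s.encode()).decode()
MANIFEST_COMPONENTS = {"com.example.wallpapers.MainActivity"}
DEX_STRINGS = [
    "com.example.wallpapers.MainActivity",
    "https://cdn.example.invalid/update.bin",         # constructed remote URL
    encode_literal("dalvik.system.DexClassLoader"),   # loader name hidden from plain string scans
    encode_literal("com.example.wallpapers.Stage2"),  # class the manifest never mentions
    "getSimCountryIso",                               # behaviour may depend on region
]
DYNAMIC_LOADING_APIS = {"dalvik.system.DexClassLoader", "dalvik.system.PathClassLoader",
                        "dalvik.system.InMemoryDexClassLoader"}
GATING_HINTS = ("getSimCountryIso", "getNetworkCountryIso", "elapsedRealtime")
B64_RE = re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$")
CLASS_RE = re.compile(r"^[a-z][a-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*){2,}$")

def decode_candidates(strings):
    """Map base64-looking strings to their plaintext when they decode to printable ASCII."""
    out = {}
    for s in filter(B64_RE.match, strings):
        try:
            text = base64.b64decode(s, validate=True).decode("ascii")
        except (ValueError, UnicodeDecodeError):
            continue
        if text.isprintable():
            out[s] = text
    return out

def triage(manifest_components, dex_strings):
    """List indicators that the app reviewed is not the app that will run after install."""
    findings = []
    decoded = decode_candidates(dex_strings)
    plain_loader = [s for s in dex_strings if s in DYNAMIC_LOADING_APIS]
    hidden_loader = [t for t in decoded.values() if t in DYNAMIC_LOADING_APIS]
    findings += [f"dynamic loader referenced in clear: {t}" for t in plain_loader]
    findings += [f"dynamic loader hidden behind encoded string: {t}" for t in hidden_loader]
    for t in decoded.values():
        if CLASS_RE.match(t) and t not in DYNAMIC_LOADING_APIS and t not in manifest_components:
            findings.append(f"encoded class name not declared in manifest: {t}")
    if (plain_loader or hidden_loader) and any(s.startswith("http") for s in dex_strings):
        findings.append("remote URL alongside a loader: payload may be fetched at runtime")
    if any(h in s for s in dex_strings for h in GATING_HINTS):
        findings.append("region/time gating hint: behaviour may differ from review")
    return findings
```

Running `triage(MANIFEST_COMPONENTS, DEX_STRINGS)` on the constructed sample yields four findings; the same strings with the loader name left in the clear would be caught by a signature scan, which is exactly why the encoded form matters.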
Even successful detection creates only temporary gaps. When platforms remove malicious apps, replacement apps often appear quickly through different developer accounts using similar templates. The operators behind large-scale campaigns treat individual app takedowns as a cost of doing business rather than a meaningful disruption, maintaining continuous presence on the platform through volume and iteration.
Implications for brand protection teams
The persistence of malicious apps on official stores has implications for how organizations approach digital risk protection. Relying on platform enforcement alone is insufficient because the enforcement happens after victims have already been exposed. By the time a store removes an impersonating app, the harm has already been done.
Proactive monitoring becomes essential. Organizations need visibility into what apps are being published that use their brand names, logos, or visual identity, ideally before those apps accumulate significant download volume. This requires continuous scanning of app stores, including regional variants and third-party marketplaces where sideloading risks compound the exposure.
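One way to do the brand monitoring described above, as an added example that is not part of the original article (hypothetical brand, listings, developer and package names): score store listings against a brand name after folding homoglyphs, accents and punctuation, and flag those that match but are not published under the brand's own package id.

```python
import re
import unicodedata
from difflib import SequenceMatcher

# Constructed store listings for a hypothetical brand; developers and package
# names are invented. The third title uses a Cyrillic capital Ve in place of "B".
LISTINGS = [
    {"title": "AcmeBank Mobile", "developer": "Acme Bank Inc.", "package": "com.acmebank.mobile"},
    {"title": "AcmeBank Wallet Pro", "developer": "FastApps Studio", "package": "com.fastapps.wallet"},
    {"title": "Acme Вank Secure", "developer": "Acme Bank Support", "package": "app.acmebank.secure"},
    {"title": "Photo Editor Plus", "developer": "PixelWorks", "package": "com.pixelworks.editor"},
]
BRAND = {"name": "AcmeBank", "official_packages": {"com.acmebank.mobile"}}

# A few Cyrillic letters that render like Latin ones; a production list is longer.
HOMOGLYPHS = str.maketrans({"а": "a", "е": "e", "о": "o", "р": "p", "с": "c", "х": "x",
                            "А": "A", "В": "B", "Е": "E", "О": "O", "Р": "P", "С": "C"})

def normalize(text):
    """Fold homoglyphs, accents, case and punctuation so lookalike titles compare equal."""
    text = unicodedata.normalize("NFKD", text.translate(HOMOGLYPHS))
    text = "".join(c for c in text if not unicodedata.combining(c))
    return re.sub(r"[^a-z0-9]", "", text.lower())

def brand_similarity(title, brand_name):
    """Highest similarity between the brand name and any same-length window of the title."""
    t, b = normalize(title), normalize(brand_name)
    if b in t:
        return 1.0
    windows = [t[i:i + len(b)] for i in range(max(1, len(t) - len(b) + 1))]
    return max(SequenceMatcher(None, w, b).ratio() for w in windows)

def flag_impersonators(listings, brand, threshold=0.85):
    """Listings that carry the brand's identity but are not its own package."""
    hits = []
    for app in listings:
        # Developer display names can be copied, so only the package id counts as official.
        official = app["package"] in brand["official_packages"]
        score = brand_similarity(app["title"], brand["name"])
        if score >= threshold and not official:
            hits.append({"package": app["package"], "title": app["title"], "score": round(score, 2)})
    return hits
```

`flag_impersonators(LISTINGS, BRAND)` returns the wallet app and the homoglyph listing, the latter because the fold maps the Cyrillic Ve back to "B"; the genuine app is excluded by package id, not by how its title looks.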
The detection-to-takedown timeline matters in ways that parallel fraudulent website remediation. An impersonating app identified and reported within hours causes less damage than one that operates for weeks, which means the speed of brand monitoring directly affects victim outcomes.
The Bottom Line
Google’s new developer verification requirements for 2026 represent an acknowledgment that current screening falls short. Whether verification meaningfully reduces the problem or simply shifts attacker tactics toward identity fraud and account compromise remains to be seen. History suggests that attackers adapt to new controls faster than platforms can deploy them.
Key Takeaways
Zscaler documented 239 malicious apps with 42 million downloads on Google Play between June 2024 and May 2025. Bitdefender found 331 apps with 60 million downloads in a separate campaign. These are representative samples, not comprehensive counts.
Malicious functionality often activates only after installation, loads from remote servers, or targets specific user populations. The app that passes review is not the app that eventually runs on user devices.
Fake apps using legitimate brand names, logos, and interfaces exploit user trust in official app stores. Victims often blame the real company, and reputational damage accumulates even after the app is removed.
Defense requires proactive app store monitoring to detect impersonating apps early, rapid takedown processes, and user education about verifying app publishers before downloading. Platform enforcement alone is insufficient.
Zscaler reported a 67 percent year-over-year increase in mobile malware. While platforms continue improving detection, attackers continue evolving evasion techniques. The equilibrium favors persistent threats.