ORIGINAL ARTICLE : Official app storefronts like Google Play often boast that it has tighter security measures and systems in place to prevent malware downloads. But there’s no such thing as a perfect system. In fact, a recent report from cloud security company, Zscaler, revealed that malicious Android apps have been downloaded from Google Play a whopping 42 million times .

Malicious Android apps are slipping past Google’s defenses

The report revealed that these malicious Android apps were downloaded more than 40 million times between June 2024 and May 2025. The company also noticed a 67% year-over-year growth in malware, specifically those that are targeting mobile devices. We’re talking about spyware and banking trojans being of particular note.

According to Zscaler, “To carry out these attacks, cybercriminals deploy phishing trojans and malicious apps designed to steal financial information and login credentials.” Interestingly enough, out of all the attacks, the US, Canada, and India received about 55% of them.

The company has also announced three of the most notable malware that have affected Android users. This includes Anatsa, which was first discovered in 2020. The latest version can apparently steal data from over 831 financial organizations and crypto platforms. Then there is Void, a malware targeting Android TV boxes and has infected at least 1.6 million devices to date. However, these devices are running outdated versions of AOSP.

Last but not least is Xnotice. This is a relatively new remote access trojan that seems to target users who are looking for jobs in the oil and gas industry.

How to protect yourself?

One of the easiest ways to protect yourself is to download apps from official storefronts. We know we said that no system is perfect, but Google has done a pretty good job so far. Also, be sure to check the reviews of the apps and see who are its developers. This is important because sometimes some developers might try to trick users with similar sounding apps.

Reviews will also tell you if an app is legitimate. If there are many bad reviews, then stay away. Lastly, avoid downloading apps from suspicious sources, including APK files sent via email. This is an easy way for hackers to slip malware into your phone without knowing.