Our malware policy is simple: the Android ecosystem including the Google Play Store, and user devices should be free from malicious behaviours (i.e. malware). Through this fundamental principle we strive to provide a safe Android ecosystem for our users and their Android devices.
Malware is any code that could put a user, a user's data or a device at risk. Malware includes, but is not limited to, potentially harmful applications (PHAs), binaries or framework modifications, consisting of categories such as trojans, phishing and spyware apps, and we are continuously updating and adding new categories.
Though varied in type and capabilities, malware usually has one of the following objectives:
- Compromise the integrity of the user's device.
- Gain control over a user's device.
- Enable remote-controlled operations for an attacker to access, use or otherwise exploit an infected device.
- Transmit personal data or credentials off the device without adequate disclosure and consent.
- Disseminate spam or commands from the infected device to affect other devices or networks.
- Defraud the user.
An app, binary or framework modification can be potentially harmful, and can therefore generate malicious behaviour, even if it wasn't intended to be harmful. This is because apps, binaries or framework modifications can function differently depending on a variety of variables. Therefore, what is harmful to one Android device might not pose a risk at all to another Android device. For example, a device running the latest version of Android is not affected by harmful apps which use deprecated APIs to perform malicious behaviour, but a device that is still running a very early version of Android might be at risk. Apps, binaries or framework modifications are flagged as malware or PHA if they clearly pose a risk to some or all Android devices and users.
The malware categories below reflect our foundational belief that users should understand how their device is being leveraged and promote a secure ecosystem that enables robust innovation and a trusted user experience.
Visit Google Play Protect for more information.
Code that contains non-Android threats.
These apps can't cause harm to the Android user or device, but contain components that are potentially harmful to other platforms.
Code that sends unsolicited messages to the user's contacts or uses the device as an email spam relay.