Skip to main content
Meet us at Black Hat USA 2026— Las Vegas, August 1–6Book a Meeting
Mallory
Back to intelligence
extension-plugin-hijack

Apple and Google tighten and reshape app distribution through geoblocking and alternative app store programs

Updated 2d agoFirst seen Mar 6, 20262 sources

Apple began restricting US App Store access to certain ByteDance-owned apps, using increasingly sophisticated location-determination and geoblocking mechanisms. Reporting highlighted Apple’s use of signals such as GPS, Wi‑Fi country codes, SIM information, and potentially IP-based location checks (as reflected in App Store legal terms) to decide whether apps subject to regional legal restrictions can be offered; some users reported partial workarounds via VPNs, though results are inconsistent.

Google announced Play Store policy changes following its settlement of the Epic Games dispute, expanding developer billing options, adjusting fee structures, and introducing a Registered App Stores program to streamline installation of third-party Android app stores that meet Google’s safety/quality requirements. The rollout is staged by region (starting in the EEA/UK/US), and is positioned as enabling more alternative distribution while maintaining payment and ecosystem security controls—an approach that contrasts with Apple’s tighter, location-enforced gating of app availability and marketplace access.

Share:
Apple and Google tighten and reshape app distribution through geoblocking and alternative app store programs
Stay ahead

Get ahead of threats like this

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.

EVENT TIMELINE

How this story unfolded

7 events from the most recent confirmed update back to the earliest known activity.

7 EVENTS
Sep 1, 2027just now

Google to complete global Play policy rollout

Google said the revised Play Store policies will reach the rest of the world by September 2027. This marks the final stage of the global rollout announced after the Epic Games settlement.

Dec 31, 2026just now

Google to expand revised Play policies to Japan and South Korea

Google said Japan and South Korea will receive the new Play Store policy framework by the end of 2026. This continues the phased global rollout of the settlement terms.

Google plans major Android release for Registered App Stores program

Google said the Registered App Stores program will begin outside the US first and may later expand to the US pending court approval. The company tied the program to a major Android release expected by the end of 2026.

Sep 1, 2026just now

Google to expand new Play policies to Australia

Google said it will extend the revised Play Store policies to Australia in September 2026 as part of the settlement rollout. The expansion follows the initial launch in the EEA, UK, and US.

Jun 30, 20261d ago

Google to begin Play policy rollout in EEA, UK, and US

Google said the first phase of its new Play Store policy changes will start in the European Economic Area, the United Kingdom, and the United States by June 30, 2026. This phase includes allowing developers to use their own billing systems alongside Google Play billing and to direct users to complete purchases outside the app.

Mar 6, 20264mo ago

Apple blocks US downloads of ByteDance's Chinese apps

Ars Technica reported that Apple users in the United States could no longer download ByteDance's Chinese apps. The reference does not provide a more specific event date, so the publication date is used.

Mar 5, 20264mo ago

Google agrees to change Play Store policies in Epic Games settlement

Google said it will revise Google Play policies as part of a settlement in its legal dispute with Epic Games. The changes include expanded billing options, reduced fees through new developer programs, and a Registered App Stores program.

LINKED ENTITIES

Related entities

Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.

4 LINKEDOpen in app
Affected products
2 linked
AndroidAndroid
Organizations
2 linked
GoogleEpic Games
The operational view lives in Mallory

See the full picture, correlated to your attack surface.

This page covers what’s public. Mallory adds the parts that aren’t — which of your assets are affected, which threat actors are using it right now, which detections to deploy, and what to do next.
Exposure mapping

Map indicators from this story to your assets and identify affected systems in minutes.

Threat actor evidence

Every observed campaign, victim, and pivot linked to actors named in this story.

Associated malware

Malware, exploits, and IOCs connected to the activity described here.

Detection signatures

YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.

Scheduled alerts

Get matching new stories delivered to your team as they break — not the next morning.

AI threads

Ask questions about this story and take action on the answers.