San Francisco, Feb 7, 2026, 02:29 (PST)
- According to the newest Android version snapshot from Google, 42.1% of devices are still on Android 12 or earlier—meaning they no longer receive security patches from Google
- Android 15 holds the top spot with 19.3% of devices, whereas Android 16 is only on 7.5%, highlighting sluggish upgrade rates
- Security experts are raising alarms about a surge in fake apps and NFC payment scams, as attackers increasingly focus on stealing money and data from smartphones
Over 40% of Android phones surveyed in Google’s newest distribution report still run Android 12 or earlier—versions that no longer get security patches, the critical updates that close vulnerabilities, according to PhoneArena. The data also shows 57.9% of devices operating on Android 13 or newer, with Android 16 installed on 7.5% and Android 15 dominating at 19.3%. (PhoneArena)
This matters now since phones serve as gateways to bank accounts, work logins, and private conversations. Malware and spyware—programs designed to steal data or spy on devices—can cause harm quickly if a phone isn’t patched.
Fixing Android’s patch gap quickly is tough. Google develops Android, but updates typically come from handset makers and carriers. Plus, many older devices can’t upgrade to newer versions, even if users want to.
Multiple outlets are highlighting a growing risk as cybercriminals target users still on outdated software, with Android 13 becoming the new minimum for full security support. According to Dig.watch, Google has issued a warning that devices running anything below Android 13 won’t get security updates anymore, putting a significant chunk of Android phones at increased vulnerability. (Digital Watch Observatory)
Google’s final official security update for Android 12 and 12L dropped in March 2025, with support officially ending on March 31, 2025, according to Android Central. The site notes that manufacturers can still “backport” fixes—meaning they manually adapt newer patches for older versions—but in practice, many don’t. (Android Central)
Attackers are taking advantage of the chaos. “The year 2025 saw a record-breaking number of attacks on Android devices,” said Kaspersky researcher Stan Kaminsky, highlighting criminals exploiting sideloaded apps—those installed outside official stores—and the rise in payment scams. He also detailed NFC (near-field communication) relay attacks, where victims unwittingly assist thieves in stealing card data via contactless transactions. (Kaspersky)
Older software is running headfirst into a surge in mobile threats. Malwarebytes reported a 151% jump in Android-targeting malware during the first half of 2025, with spyware rising 147%. The company pointed to outdated devices as a “systemic issue.” “Attackers know we trust our mobile devices implicitly,” said Shahak Shalev, senior director of R&D for online platforms at Malwarebytes. (Malwarebytes)
Not all is bleak, though. Google points out that Play Protect scans apps right at install and keeps checking devices regularly, ready to alert users or block dangerous apps. According to Google’s Android Security Bulletin, some devices running Android 10 or newer receive Google Play system updates with a patch date string matching that month’s patch level. This means certain fixes can still make it to older phones even after full OS updates have stopped. (Google Help)
The key question for users is straightforward: does the phone support Android 13 or newer, and does it show up-to-date security patches in Settings? If not, security experts advise treating the device as higher risk—particularly when handling banking, work email, or mobile payments—and steering clear of app installs from links, texts, or unofficial sources.
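For anyone checking several phones rather than one, the same two questions can be answered from the output of `adb shell getprop`. The Python sketch below is an added example, not code from Google or any outlet cited here; the 90-day patch tolerance is an assumed policy value, and the sample property dumps are constructed.

```python
import re
from datetime import date

MIN_SUPPORTED_SDK = 33    # API level 33 = Android 13, the floor cited in the article
MAX_PATCH_AGE_DAYS = 90   # assumption: a local policy choice, not a figure from the article

# getprop prints one property per line as "[key]: [value]"
PROP_RE = re.compile(r"^\[(?P<key>[^\]]+)\]:\s*\[(?P<val>[^\]]*)\]\s*$")

def parse_getprop(text):
    """Turn `adb shell getprop` output into a dict, skipping malformed lines."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m["key"]] = m["val"]
    return props

def assess(getprop_text, today):
    """Return a list of findings; an empty list means both checks passed."""
    props = parse_getprop(getprop_text)
    findings = []
    try:
        sdk = int(props["ro.build.version.sdk"])
        if sdk < MIN_SUPPORTED_SDK:
            findings.append("os-below-android-13")
    except (KeyError, ValueError):
        findings.append("sdk-unknown")  # missing data is a finding, not a pass
    try:
        patch = date.fromisoformat(props["ro.build.version.security_patch"])
        if (today - patch).days > MAX_PATCH_AGE_DAYS:
            findings.append("patch-level-stale")
    except (KeyError, ValueError):
        findings.append("patch-level-unknown")
    return findings

# Constructed sample dumps (not captured from real devices)
SAMPLE_ANDROID_12 = """[ro.build.version.release]: [12]
[ro.build.version.sdk]: [31]
[ro.build.version.security_patch]: [2025-03-01]"""
SAMPLE_ANDROID_15 = """[ro.build.version.release]: [15]
[ro.build.version.sdk]: [35]
[ro.build.version.security_patch]: [2026-01-05]"""
SAMPLE_NO_PATCH = "[ro.build.version.sdk]: [34]\nnot a property line"

if __name__ == "__main__":
    today = date(2026, 2, 7)  # the article's dateline, used as the reference date
    for name, dump in [("android12", SAMPLE_ANDROID_12),
                       ("android15", SAMPLE_ANDROID_15),
                       ("no-patch", SAMPLE_NO_PATCH)]:
        print(name, assess(dump, today) or "ok")
```

A device that reports no patch level at all is flagged rather than passed, since a missing value usually means the check could not be made.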
The patch gap adds fuel to the competition. Apple rolls out iOS updates simultaneously to all supported iPhones, but Android updates get tangled in a lengthy supply chain involving manufacturers, different models, and carriers.
Samsung, the world’s top Android phone maker, quietly ended updates for most Galaxy S21 models last week, TechRadar reports, after pulling them from its security update roster. This move shows that even flagship devices don’t stay on the patch schedule indefinitely, forcing users to balance cost against potential security risks. (TechRadar)
The real solution is slow and dull: extending support timelines, speeding up updates, and gradually replacing old devices. For now, though, a huge number of aging Android phones remain in use — and attackers will keep targeting the easiest entry points.