"Google Play is axing its Security Reward Program"
The program paid devs up to 20k to locate vulnerabilities in popular Android apps. Google says they’re "winding down the program due to a decrease in actionable vulnerabilities reported by security researchers"
In other words, they no longer give a shit if there's malware on Google Play, because now they changed the legal liability to be on the app dev. Over a year ago, they changed the legal wording so the dev has to self-report what permissions are used. This shifts responsibility away from the Play Store onto the dev.
But if Google shifts the responsibility on the dev for the bad side, but they keep the good side (collecting user data), then why do we even need them? We don't. Avoid Google Play... switch to F-Droid, APKs, and Obtainium.