Sideloading is the installation of an app from outside the official app store, such as by downloading an APK directly or using a third-party marketplace. On Android, this can bypass some of the review, scanning, and reputation checks that store-delivered apps receive, which makes it a common path for trojanized or repackaged software.
It matters in cyber security because attackers often use sideloading to deliver malware, spyware, ad fraud tools, or apps that abuse permissions after installation. A sideloaded app may look legitimate but request access to contacts, messages, accessibility services, or device administration for fraudulent use. Defenders reduce risk by limiting unknown-source installs, enforcing app allowlists, using mobile device management policies, and warning users before they approve risky installs. In practice, sideloading is not always malicious, but it demands more trust from the user and carries more risk, because it weakens platform protections.
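One way to check a device against an app allowlist is to audit which installer delivered each package. The sketch below is an added example, not part of the original text: it parses the output of `adb shell pm list packages -i -3` (third-party packages with their installer) and flags anything that did not come from a trusted store and is not an approved sideload. The trusted-installer set, the allowlist entry, and the sample output are constructed assumptions.

```python
"""Audit installer sources from `adb shell pm list packages -i -3` output."""
import re

# Assumption: installers this organisation trusts (Google Play only here).
TRUSTED_INSTALLERS = {"com.android.vending"}
# Assumption: hypothetical allowlist of in-house apps sideloaded on purpose.
APPROVED_SIDELOADS = {"com.example.corp.vpn"}

# Constructed sample output, not captured from a real device.
SAMPLE_OUTPUT = """\
package:com.android.chrome  installer=com.android.vending
package:com.example.corp.vpn  installer=null
package:com.example.flashlight  installer=com.google.android.packageinstaller
package:com.example.game installer=com.example.thirdparty.store
garbage line
"""

LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)\s*$")


def parse_installers(text):
    """Return {package: installer or None}; unparsable lines are skipped."""
    result = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            installer = m.group("installer")
            # `installer=null` means no installer of record (e.g. adb install).
            result[m.group("pkg")] = None if installer == "null" else installer
    return result


def find_unapproved_sideloads(text, trusted=TRUSTED_INSTALLERS,
                              approved=APPROVED_SIDELOADS):
    """Packages whose installer is untrusted and that are not allowlisted."""
    findings = []
    for pkg, installer in sorted(parse_installers(text).items()):
        if installer in trusted or pkg in approved:
            continue
        findings.append((pkg, installer or "unknown"))
    return findings


if __name__ == "__main__":
    for pkg, installer in find_unapproved_sideloads(SAMPLE_OUTPUT):
        print(f"REVIEW {pkg} (installer: {installer})")
```

Without the `-3` filter, preinstalled system apps also report `installer=null`, so run the audit on third-party packages only or expect those to appear as findings.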



