Say what you want about Google, but the company has a solid track record of doing all they can to keep the Google Play Store relatively free of poisoned apps. By most accounts, they have been wildly successful at that.
Unfortunately, given the sheer number of apps available on the Play Store, statistics invariably catch up with them.
A small number of poisoned apps, trojans, and the like still find their way onto the store. They blend in with legitimate apps until some enterprising researcher discovers them, at which point, Google promptly brings the hammer down.
The question is, why does it keep happening? It's a fair question, but it's important to put it in the proper context. After all, more than 99 percent of the apps on the Play Store right now are perfectly fine, so Google's robust system of checks and strict guidelines are certainly working.
The problem is, nobody ever reports on the fact that the majority of the time, the system works as advertised. We only tend to hear about the instances where something goes off the rails and an unsavory developer temporarily pulls the wool over Google's eyes.
The answer is simply this: No system, no matter how robust, is perfect. Google generally does a good job of policing its Play Store, which is why people trust their app on the internet.
There's always room for improvement. To the company's credit, Google is regularly and methodically improving its processes. Due diligence is required for the user, even when downloading apps from a supposedly safe source. We can't fault Google for the actions of careless users. Actions of determined, unsavory developers who occasionally find ways to circumvent the company's safeguards are responsible temporarily.