Kaspersky researchers discovered a previously undocumented Android backdoor named Keenadu embedded in tablet firmware that can infect devices before they reach consumers and grant attackers virtually unrestricted control. The campaign, linked to advertising-fraud modules and found in devices from multiple manufacturers including Alldocube, resists standard Android removal methods and may require installing clean firmware or replacing the device; #Keenadu #Alldocube
Keypoints
- Keenadu is a firmware-level backdoor that loads into every application on infected tablets.
- Researchers recorded over 13,700 detections, with the highest numbers in Russia, Japan, Germany, Brazil, and the Netherlands.
- The malware was primarily used for advertising fraud, hijacking browsers, monitoring app installs, and manipulating ad components.
- Keenadu was found integrated into firmware from multiple manufacturers, notably Alldocube, and persisted after some firmware updates.
- The backdoor cannot be removed by standard Android security tools and may require reinstalling trusted firmware or replacing the device.
Read More: https://therecord.media/new-backdoor-found-in-android-russia-japan-brazil