Keenadu is a newly discovered, highly sophisticated Android backdoor embedded in firmware across multiple device brands that can compromise every installed app and give attackers unrestricted control. Kaspersky reports multiple distribution methods — including compromised OTA firmware, system apps, modified APKs, and apps on Google Play — and has confirmed about 13,000 infected devices worldwide.
Key points
- Keenadu is a firmware-embedded Android backdoor that can operate within every installed app.
- The malware spreads via compromised OTA firmware, backdoors, system apps, modified APKs, and apps on Google Play.
- The firmware-based variant is the most powerful, and Kaspersky has confirmed roughly 13,000 infected devices globally.
- Keenadu compromises libandroid_runtime.so to run in the context of every app, making standard removal tools ineffective.
- Operators currently focus on ad fraud, but the backdoor can also steal data, install apps silently, and take full control of the device; remediation requires clean firmware or device replacement.