Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Android Backdoor Pre-Installed On Devices — Thousands Already Infected

  • Kaspersky researchers discovered Keenadu, an Android backdoor embedded in firmware of devices from multiple makers, giving attackers unlimited control over infected devices as of February 2026.
  • Kaspersky says the malware spreads via compromised firmware OTAs, other backdoors, embedded system apps, modified APKs and Google Play; Alldocube acknowledged an OTA server compromise and a malicious August 18, 2023 firmware on the iPlay 50 mini Pro.
  • In its firmware-integrated variant, Keenadu compromises the libandroid_runtime.so core library to operate within every app, silently installs apps, monitors Chrome browser incognito searches, and resists standard Android OS removal tools.
  • Some Google Play apps reached 300,000 downloads before removal, with 13,000 infected devices confirmed by Kaspersky , and researchers advise finding clean firmware or replacing devices while warning of broad data theft risks.
  • Embedding in system apps for facial recognition increases stealth, but malware stops if Google Play Store and Play Services are absent, while researchers compare Keenadu to Triada across multiple device makers and low-cost supply chains.
Insights by Ground AI
Podcasts & Opinions

20 Articles

ForbesForbes
Center

Android Backdoor Pre-Installed On Devices — Thousands Already Infected

Kaspersky Threat Intelligence has confirmed that a fully functional malware backdoor is being distributed pre-installed on Android devices.

·United States
Read Full Article
PC MagPC Mag
Lean Left

This Preinstalled Android Malware Can Hack Any App You Launch on a Device

Be wary of cheap Android devices. Antivirus provider Kaspersky discovers a new backdoor called 'Keenadu,' which has been circulating as preinstalled firmware on several tablet models.

·United States
Read Full Article
BleepingComputerBleepingComputer
Center

New Keenadu backdoor found in Android firmware, Google Play apps

A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices.

Read Full Article
netzweltnetzwelt

Experts Beat Alarm: Android Firmware Ex Factory Infected with Malware

On thousands of Android devices there is a malicious software that allows hackers to read personal data. This is how you protect yourself. This article has been sorted under Current Fraud Warnings.

Read Full Article
Heti VilággazdaságHeti Világgazdaság

There Are Mobile Phones that Are Teeming with Viruses the Moment You Open Them.

Kaspersky researchers have discovered a rare but dangerous Android malware that can be installed on devices at the moment of purchase. This is not the first such virus.

·Hungary
Read Full Article
The Record by Recorded FutureThe Record by Recorded Future

New backdoor found in Android tablets targeting users in Russia, Germany and Japan

In a report released this week, Russian cybersecurity firm Kaspersky said it uncovered a previously undocumented backdoor dubbed Keenadu that is built directly into a device’s core software, allowing it to load into every application launched on the tablet.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 67% of the sources are Center
67% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

securelist.com broke the news in on Tuesday, February 17, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Google icon

Google

Software icon

Software

Apps icon

Apps

Cyberattacks icon

Cyberattacks

Android icon

Android

Cybersecurity icon

Cybersecurity

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal