Beware: Kaspersky Finds Android Malware That Infiltrates Everything from Firmware to Google Play

JAKARTA - Kaspersky has detected a new Android malware called Keenadu, which can be installed directly into the device firmware, embedded in system applications, or downloaded from official app stores.

Currently, Keenadu is used for ad fraud: attackers use infected devices as bots to generate clicks on ad links. The malware can even give attackers full control over the victim's device.

As of February 2026, Kaspersky mobile security solutions had detected more than 13,000 Keenadu-infected devices, with the largest numbers of victims in Russia, Japan, Germany, Brazil, and the Netherlands.

Integrated into the device firmware

Keenadu is integrated into the firmware of several Android tablet models. In this variant, Keenadu can infect any application installed on the device, install any application from an APK file, and grant those applications any available permission.

As a result, all information on the device, including media, messages, banking credentials, location, and so on, can be compromised.

Embedded in a system application

In this variant, Keenadu's functionality is limited: it cannot infect every application on the device. But because it sits inside a system application, it can still install any side application the attacker chooses without the user's knowledge.

Moreover, Kaspersky found Keenadu embedded in the system application responsible for unlocking the device with the user's face, which means attackers can potentially obtain the victim's face data.

Embedded in an application distributed through the Android app store

Kaspersky experts also found that some apps distributed on Google Play were infected with Keenadu. At the time of publication, however, these apps had been removed from Google Play.

When an infected app is launched, the attacker can open an invisible web browser tab inside the app, which can be used to browse various websites without the user's knowledge.

"It is important for users to understand the risks and check every stage of the production process to ensure that the device firmware is not infected," said Dmitry Kalinin, security researcher at Kaspersky.