TL;DR
- Researchers found a firmware-level Android backdoor called Keenadu preinstalled on certain tablets before sale.
- The malware injects into Android’s Zygote process, giving attackers broad control over apps and data on the tablets.
- The issue appears limited to lesser-known tablet brands, but affected users should install updates immediately.
Worrying as it may be, at least most Android malware spreads through shady apps or dodgy downloads, giving you a semblance of autonomy over whether you get infected by it or not. But security researchers say they’ve found something more unsettling: a backdoor built directly into the firmware of certain Android tablets before they even reached users.
According to a report highlighted by Help Net Security, Kaspersky researchers uncovered a new Android backdoor named Keenadu, embedded in the firmware of tablets from multiple manufacturers. Rather than infecting devices after purchase, the malware appears to have been baked into the software of the tablets from the start during the firmware build process.
​Â
