Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Widespread Keenadu Malware Threatening Android Devices

Widespread Keenadu Malware Threatening Android Devices

Posted on February 18, 2026 By CWS

Cybersecurity experts at Kaspersky have recently identified a new Android malware known as Keenadu, which allows remote control over infected devices. The malware has primarily been found embedded in the firmware of a variety of Android brands, with a significant presence in tablets.

Malware Distribution and Capabilities

Keenadu has been detected in firmware either during the development phase or delivered through over-the-air (OTA) updates. The malware grants operators full access to compromised devices, primarily for executing ad fraud. Kaspersky researchers have observed Keenadu payloads performing tasks such as hijacking browser search engines, monetizing app installations, and generating ad clicks.

Prevalence and Distribution Channels

Many devices came preloaded with this malware, while others received it through app stores, including Google Play and Xiaomi GetApps, disguised as smart camera applications. These malicious apps were downloaded over 300,000 times before their removal from Google Play.

Impact and Connections to Other Botnets

Kaspersky’s security solutions have identified Keenadu infections on approximately 13,000 devices, predominantly in Russia, Japan, Germany, Brazil, and the Netherlands. The malware code is loaded into the address space of every app upon launch. In some cases, it was integrated into critical system utilities such as facial recognition and the launcher app.

Researchers have uncovered links between Keenadu and several large botnets, including Triada, Vo1d, and BadBox, all of which primarily exploit low-cost Android devices. Evidence points to Chinese origins for Keenadu, similar to these other botnets. Although connections between these botnets exist, Kaspersky cautions that these linkages are not necessarily direct, noting that further evidence is required to confirm any transitive relationships.

The discovery of Keenadu underscores the persistent threat of malware in mobile devices, and ongoing investigations may reveal further complexities in these interconnected botnet networks.

Security Week News Tags:ad fraud, Android malware, app stores, Botnets, Chinese malware, Cybersecurity, Firmware, Google Play, Kaspersky, Keenadu, mobile devices, mobile security, Triada, Xiaomi GetApps

Post navigation

Previous Post: Kickstart Your Intelligent Workflow Program with 3 Key Strategies
Next Post: SysUpdate Malware Variant Targets Linux with Encrypted C2

Related Posts

Thousands of SaaS Apps Could Still Be Susceptible to nOAuth Thousands of SaaS Apps Could Still Be Susceptible to nOAuth Security Week News
Tight Cybersecurity Budgets Accelerate the Shift to AI-Driven Defense Tight Cybersecurity Budgets Accelerate the Shift to AI-Driven Defense Security Week News
Depthfirst Raises  Million for Vulnerability Management Depthfirst Raises $40 Million for Vulnerability Management Security Week News
7-Eleven Data Breach Unveiled Amid Ransom Threats 7-Eleven Data Breach Unveiled Amid Ransom Threats Security Week News
CISA Highlights SharePoint Security Vulnerability Exploitation CISA Highlights SharePoint Security Vulnerability Exploitation Security Week News
Apple Updates iOS, macOS with Critical Security Fixes Apple Updates iOS, macOS with Critical Security Fixes Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AI Security Model Redeployment and Major Vulnerabilities
  • Flipper Zero Enhances Firmware Development Strategy
  • T3MP3ST Framework Transforms AI Into Security Pioneers
  • Microsoft Enhances Windows 11 OOBE with New Update
  • Government Pays $1M to Prevent Data Leak by Kairos Group

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AI Security Model Redeployment and Major Vulnerabilities
  • Flipper Zero Enhances Firmware Development Strategy
  • T3MP3ST Framework Transforms AI Into Security Pioneers
  • Microsoft Enhances Windows 11 OOBE with New Update
  • Government Pays $1M to Prevent Data Leak by Kairos Group

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark