Written by Mark0
Kaspersky researchers have identified a new Android firmware-level backdoor dubbed Keenadu, which mimics the behavior of the Triada trojan by embedding itself into system libraries. The malware is integrated into the libandroid_runtime.so library during the firmware build phase, allowing it to hook into the Zygote process and infect every application launched on the device. This supply chain attack primarily targets Android tablets, providing attackers with unrestricted control over the hardw...