Keenadu

Kaspersky’s technical analysis found Keenadu, a firmware backdoor embedded in libandroid_runtime.so on Android tablets. Telemetry shows 13,715 users encountered the malware, which can inject into every app and bypass Android sandboxing.