APT / THREAT GROUP

Keenadu

2
aliases
Last seen:May 15, 2026

Intelligence Profile

Keenadu is an Android backdoor that is distributed primarily through pre-infected device firmware, as well as through malicious apps. Its capabilities include full remote control of a victim's device, ad fraud, and browser search hijacking.

Threat Analysis

Keenadu is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

Intelligence Reports Mentioning Keenadu

External References

Quick Facts

TypeAPT / Threat Group
Aliases2

Also Known As

apk.keenaduKeenadu

External Intelligence

Malpedia: apk.keenadu

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.