Keenadu: Android malware that comes preinstalled and can’t be removed by users

Keenadu is an Android malware that arrives preinstalled on devices through compromised firmware (the core system software that runs before the operating system), giving attackers deep control before users even finish setup. Because it embeds itself at the firmware level with elevated privileges (high-level system access), standard removal methods don't work, and it can steal biometric data, messages, banking credentials, and monitor browser searches. The malware has infected over 13,000 devices across multiple countries and can also spread through seemingly harmless apps in app stores.