Supply Chain Attack Embeds Malware in Android Devices

Key Points:

• Supply chain attack involving the Keenadu malware that targets Android devices.
• The malware hijacks browser searches and commits ad fraud, executing actions without user consent.
• Immediate actions include monitoring for unusual browser activity and implementing mobile device management solutions to prevent unauthorized app installations.

Technical Details: Keenadu leverages supply chain vulnerabilities to embed itself in Android applications, allowing it to manipulate user interactions and generate fraudulent ad revenue.

MITRE ATT&CK Techniques:

• None mentioned

IOCs Mentioned:

• None mentioned